www.varian.com Open in urlscan Pro
151.101.38.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hr-internal.co/Compensation/800e9345c0?l=10
Effective URL:
https://www.varian.com/you-have-been-phished-vit
Submission: On June 25 via manual (June 25th 2019, 8:15:45 am UTC) from SG

Summary HTTP 117 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 117 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.

This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	52.31.150.82 52.31.150.82	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	52.216.17.88 52.216.17.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19d::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.149.202 52.222.149.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
38	151.101.38.133 151.101.38.133	54113 (FASTLY) (FASTLY - Fastly)
2	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY - Fastly)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.18.99.155 52.18.99.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700:20:... 2606:4700:20::6819:8a76	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.222.157.214 52.222.157.214	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.242.212.186 34.242.212.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	52.222.157.132 52.222.157.132	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.214.119.15 52.214.119.15	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.157.125 52.222.157.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
5	54.76.203.99 54.76.203.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.194.52.254 34.194.52.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.222.149.144 52.222.149.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.72.143.230 54.72.143.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
117	25

37 52.31.150.82 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

www.hr-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.eu.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.216.17.88 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19d::196 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.202 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-202.fra53.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.38.133 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

www.varian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.99.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-99-155.eu-west-1.compute.amazonaws.com

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:8a76 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.214 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-214.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.212.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-212-186.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.132 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-132.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.119.15 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-119-15.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-125.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.76.203.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.52.254 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-52-254.compute-1.amazonaws.com

us2.siteimprove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-144.fra53.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.143.230 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-143-230.eu-west-1.compute.amazonaws.com

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	varian.com www.varian.com	983 KB
33	threatsim.com dataentry.eu.threatsim.com	563 B
8	amazonaws.com tslp.s3.amazonaws.com	157 KB
6	trustarc.com consent.trustarc.com consent-pref.trustarc.com	23 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	2 KB
4	jsdelivr.net cdn.jsdelivr.net	50 KB
4	google-analytics.com www.google-analytics.com	18 KB
4	hr-internal.co www.hr-internal.co	10 KB
2	bidr.io 2 redirects match.prod.bidr.io	707 B
2	company-target.com api.company-target.com segments.company-target.com	2 KB
2	pardot.com pi.pardot.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	18 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d6tizftlrpuof.cloudfront.net	6 KB
1	siteimprove.com us2.siteimprove.com	406 B
1	rlcdn.com id.rlcdn.com	40 B
1	usabilla.com w.usabilla.com	10 KB
1	licdn.com snap.licdn.com	5 KB
1	demandbase.com scripts.demandbase.com	15 KB
1	siteimproveanalytics.com siteimproveanalytics.com	8 KB
1	truste.com consent.truste.com	2 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	aspnetcdn.com ajax.aspnetcdn.com	32 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	java.com java.com	18 KB
117	24

	Domain	Requested by
38	www.varian.com	www.hr-internal.co www.varian.com ajax.aspnetcdn.com
33	dataentry.eu.threatsim.com	ajax.googleapis.com www.hr-internal.co
8	tslp.s3.amazonaws.com	www.hr-internal.co
5	consent.trustarc.com	consent.truste.com
4	cdn.jsdelivr.net	www.varian.com ajax.aspnetcdn.com
4	www.google-analytics.com	www.hr-internal.co www.varian.com
4	www.hr-internal.co	www.hr-internal.co
3	px.ads.linkedin.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	pi.pardot.com	www.varian.com pi.pardot.com
2	cdnjs.cloudflare.com	www.varian.com
1	consent-pref.trustarc.com	consent.trustarc.com
1	d6tizftlrpuof.cloudfront.net	www.varian.com
1	us2.siteimprove.com
1	id.rlcdn.com
1	segments.company-target.com
1	api.company-target.com	scripts.demandbase.com
1	www.linkedin.com	1 redirects
1	w.usabilla.com	www.varian.com
1	snap.licdn.com	www.varian.com
1	scripts.demandbase.com	www.varian.com
1	siteimproveanalytics.com	www.varian.com
1	consent.truste.com	www.varian.com
1	www.googletagmanager.com	www.varian.com
1	ajax.aspnetcdn.com	www.varian.com
1	ajax.googleapis.com	www.hr-internal.co
1	d2wy8f7a9ursnm.cloudfront.net	www.hr-internal.co
1	java.com	www.hr-internal.co
117	28

This site contains links to these domains. Also see Links.

Domain
www.myvarian.com
patient.varian.com
investors.varian.com
medicalaffairs.varian.com
newsroom.varian.com
www.linkedin.com
twitter.com
www.facebook.com
teamup.varian.com
www.wssfn-congress.org

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
www.java.com DigiCert ECC Extended Validation Server CA	`2018-02-21` - `2020-02-21`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.eu.threatsim.com COMODO RSA Domain Validation Secure Server CA	`2018-01-07` - `2020-01-07`	2 years	crt.sh
varian.com DigiCert SHA2 Secure Server CA	`2018-10-02` - `2019-10-03`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.truste.com Go Daddy Secure Certificate Authority - G2	`2018-01-26` - `2021-03-06`	3 years	crt.sh
ssl379359.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-27` - `2019-12-03`	6 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2019-01-21` - `2020-01-22`	a year	crt.sh
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2017-08-18` - `2019-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2017-07-18` - `2020-07-17`	3 years	crt.sh
*.siteimprove.com DigiCert SHA2 Secure Server CA	`2018-01-03` - `2020-03-11`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 15623CAF13FBAA19B31BB8491FCF9A11
Requests: 114 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 49ACA40C5A0BC470B70F268E7AADAA5C
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: ED80C8D11E00527D0E23FED25A659DEE
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: F5B6D5DF2C729D6AF47D1AAC47F30B3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

117
Requests

95 %
HTTPS

37 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

1418 kB
Transfer

2757 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myvarian.com/s/webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://patient.varian.com/
Title: For Patients

Search URL Search Domain Scan URL

URL: http://investors.varian.com/
Title: Investors

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=120
Title: Annual Reports

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=122
Title: Stock Information

Search URL Search Domain Scan URL

URL: http://investors.varian.com/presentations
Title: Presentations

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=19
Title: News & Events

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=64
Title: Corporate Governance

Search URL Search Domain Scan URL

URL: http://investors.varian.com/ShareholderServices
Title: Shareholder Services

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=11
Title: Investor Contacts

Search URL Search Domain Scan URL

URL: http://medicalaffairs.varian.com/
Title: Medical Affairs

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/pressreleases
Title: Press Releases

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/index.php?s=31899
Title: Image Gallery

Search URL Search Domain Scan URL

URL: https://www.myvarian.com/
Title: MyVarian

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?title=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&url=https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems%20https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.varian.com/you-have-been-phished-vit&p[title]=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&display=popup

Search URL Search Domain Scan URL

URL: https://teamup.varian.com/sites/forms/SitePages/Security%20Incident.aspx
Title: Report Information Incident

Search URL Search Domain Scan URL

URL: https://www.wssfn-congress.org/2019/Pages/default.aspx
Title: 18th Biennial Meeting of the World Society for Stereotactic & Functional Surgery

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VarianMedicalSystems

Search URL Search Domain Scan URL

URL: https://twitter.com/VarianMedSys

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/varian-medical-systems

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 48

http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710

Request Chain 49

http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449

Request Chain 103

https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561450532158%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 105

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 800e9345c0 Show response
www.hr-internal.co/Compensation/ 4 KB
2 KB 96ms
43ms Document
text/html 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

83d9d25db58445a39ce1bcc25bc76238d134d4dbe32df02af66dea9942794712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hr-internal.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Jun 2019 08:15:27 GMT
ETag: W/"56bc86fa7a03eb57f0bcbbee050d57f4"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=800e9345c0; path=/ link_clicked_800e9345c0=1; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prd-eu-i-0e94783aa8879f99b ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Request-Id: 81aa96ed-e1f3-4c3b-bedb-320f5d0ef756
X-Runtime: 0.009238
X-XSS-Protection: 1; mode=block
Content-Length: 950
Connection: keep-alive

GET
H/1.1 200
OK alt_pixel_click_800e9345c0.gif
www.hr-internal.co/ 0
652 B 75ms
38ms Image
image/gif 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co:49152/alt_pixel_click_800e9345c0.gif?correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Security

, ,

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.008306
Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-073776b9e669c622a, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: fd315a51-ccc7-4565-b992-11b10b942b77

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 425ms
110ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: CFE4317BF8C80FC4
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Content-Length: 50085
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: hc7N6eetZDe0ui7J5vVeWe3xQDVdvlEadKIY89Np4hsXRxaUAyq0mePibG62B1wfMefWstIuaq8=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 426ms
111ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: 1E6FF6AB97AC16A9
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Content-Length: 50717
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: jvBpYbTsNbt52xtO/iNrI2c5B1OR8GsXpu5rKoJRUN3byvyC6espDz+StQtyDp/AOqlqeF7KqLY=

GET
H2 200 deployJava.js Show response
java.com/js/ 18 KB
18 KB 99ms
13ms Script
application/javascript 2a02:26f0:6c00:19d::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://java.com/js/deployJava.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19d::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Oracle-HTTP-Server /

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:28 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=0
content-length: 18444
x-xss-protection: 1
mdt-type: abinary;charset=UTF-8
last-modified: Fri, 07 Jul 2017 23:29:07 GMT
server: Oracle-HTTP-Server
x-frame-options: SAMEORIGIN
x-oracle-dms-ecid: 005Kza_yrKd9Tcw70Fm3UF0003QU009rYR
content-type: application/javascript
expires: Wed, 26 Jun 2019 08:15:28 GMT
cache-control: max-age=86400
x-oracle-dms-rid: 0:1

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 431ms
116ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: ED819856FF73529E
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Content-Length: 6680
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: PaheYXDKv3VRsJTmnYLppzhJXoPfVrqIOyISCfyI2oDewdlJpwISWEKhuxlGzqosDhkw+j4ZS3w=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 431ms
113ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: 67C8C156B8F9C582
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Content-Length: 22855
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: LGCLaV9DVEkFnWqTrFV5a0ABq0CRndCFG1ZA+NZJ5sktzrIbC5N+dCVS8fEUk46ua7fCHc7GznE=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 433ms
115ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: 0E5CE51CEB7DD7B7
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Content-Length: 6999
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: at4ArWicDk1QFQpVmXx45J/3dvtgS+g2KfkySHsCZaCl4JFDzC8KfPaTwbIq4YnW9ZTc0/iosqk=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 434ms
115ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: 623FAAD297377521
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Content-Length: 9775
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: rDzS86nxWxwvDNtepl/yBDA/2yK0XBY8AFtnJXX0N8tYushtV/1mcZ3tb49DFPY2hf+7oVhI+kc=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 108ms
99ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: 36C1F92A387F76C3
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Content-Length: 4234
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: Fnd/4MNePZ0o8kcp4IccudA1U1+ckM7XbrH56RDI7agFwytOtNYIll5uolbKJY1eH7dUQbUpGZg=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 112ms
104ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: 52C66EA7266823C8
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Content-Length: 5941
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: q+Hl6lXQ/dHl76pk7R7eb173/5R8HOoLUkp6qPchIyS7zAlXvlyYTz6Vs0gAZPqKQ5hA3ouu1CE=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 86ms
7ms Script
application/javascript 52.222.149.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.222.149.202 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-202.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 199185
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: A5P3DgfjYOPzjfKApsEo2c-xRDM1VXyQ_aUHOhcFNf3-zjUxmZBTmw==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 19 Jun 2019 18:27:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 481659
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 0
Expires: Thu, 18 Jun 2020 18:27:49 GMT

GET
H/1.1 200
OK google-tracking.js Show response
www.hr-internal.co/assets/ 455 B
707 B 35ms
30ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/google-tracking.js?g=800e9345c0
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 16:12:27 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
www.hr-internal.co/assets/ 28 KB
7 KB 73ms
34ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/all.js?g=800e9345c0
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fc3a60612727fc66e47e47d4de4b1d4e5d46021f8d779ee1e9880a1ebf508359

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 May 2019 14:17:35 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7152
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 5302
date: Tue, 25 Jun 2019 06:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Tue, 25 Jun 2019 08:47:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.eu.threatsim.com/secure/ 0
563 B 220ms
38ms XHR
image/gif 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dataentry.eu.threatsim.com/secure/browser_post

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Origin: http://www.hr-internal.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.006455
Date: Tue, 25 Jun 2019 08:15:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0e94783aa8879f99b, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 9c7838f5-5eea-4135-81d3-1440b22cadd6

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 183ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 192ms
43ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 193ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 195ms
39ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 245ms
45ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
37ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 44ms
41ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 41ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 34ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 70ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 45ms
36ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
33ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_pl%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 56ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 32ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_jres%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 42ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version%20%3D%20undefined&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 34ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20flash%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 38ms
36ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=flash%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 37ms
35ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20pdf%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 33ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 38ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=pdf%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
40ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20quicktime%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
34ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=quicktime%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
33ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20RealPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 37ms
34ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=realplayer%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 52ms
51ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Silverlight%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
35ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=silverlight%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 59ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 67ms
40ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=wmp%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 68ms
41ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=redirecting%20to%20https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...

35 B
111 B

16ms
15ms

Image
image/gif

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2019 08:15:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...

35 B
108 B

6ms
6ms

Image
image/gif

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 00:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 980126
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
42ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=browser_post_successful&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H2 200 Primary Request you-have-been-phished-vit Show response
www.varian.com/ 91 KB
15 KB 171ms
96ms Document
text/html 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/you-have-been-phished-vit

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/assets/all.js?g=800e9345c0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ecdc18734af595c6a1ef67d15cf3f83ee490025a0bc25e60217f4f0edf6f3d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.varian.com
:scheme: https
:path: /you-have-been-phished-vit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Response headers

status: 200
cache-control: public, max-age=10800
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
etag: "1561442727-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 25 Jun 2019 06:05:27 GMT
link: <https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (https://www.drupal.org)
x-platform-server: i-05e86949aa238c1c7
x-request-id: xbg76istkjnv2tyiggfdwbdu
via: 1.1 varnish 1.1 varnish
accept-ranges: bytes
date: Tue, 25 Jun 2019 08:15:30 GMT
age: 7637
x-served-by: cache-iad2137-IAD, cache-ams21030-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 1
vary: Cookie, Accept-Encoding
strict-transport-security: max-age=900
content-length: 15120

GET
H2 200 css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/ 3 KB
1 KB 29ms
27ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 1159657
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 3
strict-transport-security: max-age=900
content-length: 1046
x-request-id: ykmwxcedppbvmoqoazcbnpu3
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Tue, 14 May 2019 08:05:03 GMT
etag: "5cda76af-416"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 30 May 2019 09:49:03 GMT

GET
H2 200 css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/ 18 KB
4 KB 28ms
27ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 1111094
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 3996
x-request-id: gjq2pkg5gvcxkuck3lz33xyo
x-served-by: cache-iad2141-IAD, cache-ams21030-AMS
last-modified: Tue, 14 May 2019 08:05:03 GMT
etag: "5cda76af-f9c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 12 Jun 2019 11:37:05 GMT

GET
H2 200 css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/ 5 KB
2 KB 27ms
26ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 407368
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1508
x-request-id: wojzw5gi44u42w4zenmezl7w
x-served-by: cache-iad2131-IAD, cache-ams21030-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-5e4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 9 KB
2 KB 25ms
22ms Stylesheet
text/css 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-240a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 08:15:30 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec57e7609b796ce-FRA
served-in-seconds: 0.035

GET
H2 200 css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/ 687 B
521 B 26ms
24ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 407368
x-cache: HIT, HIT
status: 200
x-cache-hits: 6, 702
strict-transport-security: max-age=900
content-length: 324
x-request-id: yz4wukdes353e4sx4a6yfg7f
x-served-by: cache-iad2145-IAD, cache-ams21030-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-144"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 118 KB
19 KB 8ms
5ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 19740
x-served-by: cache-ams21036-AMS, cache-fra19154-FRA
etag: W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/ 13 KB
3 KB 21ms
19ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 3216
x-served-by: cache-ams21041-AMS, cache-fra19154-FRA
etag: W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/ 675 KB
112 KB 28ms
24ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 598486
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 114267
x-request-id: usgcv7ari2qvwlw34htcyj4u
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:44:00 GMT
etag: "5d07b540-1be5b"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 02 Jul 2019 10:00:45 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 91 KB
32 KB 167ms
3ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F47) /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32915
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:49 GMT
server: ECAcc (frc/8F47)
etag: "80228f4cc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-extend-3.4.0.js Show response
www.varian.com/misc/ 3 KB
2 KB 43ms
13ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 149
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1416
x-request-id: uqkjyukueoiticskqexw3min
x-served-by: cache-iad2148-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-d57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 01:45:09 GMT

GET
H2 200 jquery.once.js Show response
www.varian.com/misc/ 3 KB
1 KB 44ms
14ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery.once.js?v=1.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 149
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1135
x-request-id: evvve7sgbkz5wl5iinkeieqi
x-served-by: cache-iad2120-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-b9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 20 Jun 2019 22:36:27 GMT

GET
H2 200 drupal.js Show response
www.varian.com/misc/ 20 KB
8 KB 45ms
16ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/drupal.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 7891
x-request-id: x3oj4d7tcnd2zbs74yw3lmjx
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-4efb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:05 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/bootstrap/3.3.7/js/ 36 KB
10 KB 39ms
4ms Script
application/javascript 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 9832
x-served-by: cache-ams21048-AMS, cache-fra19154-FRA
etag: W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancyfiledelete.js Show response
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/ 265 B
326 B 50ms
15ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 193
x-request-id: jwjmhl6htxykopoic7ao47b4
x-served-by: cache-iad2131-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-109"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:07 GMT

GET
H2 200 fancybox.js Show response
www.varian.com/sites/all/modules/contrib/fancybox/ 1 KB
528 B 48ms
14ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 403
x-request-id: 5ppp6xu5sp6jwmmvr73zwmwu
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-454"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:07 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/source/ 23 KB
10 KB 50ms
16ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 9692
x-request-id: sa2im642tiacuoj4vhaez4er
x-served-by: cache-iad2133-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-5a5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.mousewheel-3.0.6.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/lib/ 1 KB
882 B 48ms
15ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 724
x-request-id: vnqwlzcxle75n6iank2pzusc
x-served-by: cache-iad2126-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-568"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.qtip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 43 KB
16 KB 110ms
77ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-ad08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 08:15:30 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec57e764a0996ce-FRA
served-in-seconds: 0.022

GET
H2 200 views-bootstrap-carousel.js Show response
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/ 842 B
517 B 56ms
23ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 351
x-request-id: l4r6xquzjlv6vtx2itv6cdzt
x-served-by: cache-iad2147-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-34a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 googleanalytics.js Show response
www.varian.com/sites/all/modules/contrib/google_analytics/ 6 KB
2 KB 53ms
20ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: MISS, HIT
status: 200
x-cache-hits: 0, 2
strict-transport-security: max-age=900
content-length: 2052
x-request-id: mrc24q5vjwhtc5m4zihjvok3
x-served-by: cache-iad2140-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-1874"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 07:49:23 GMT

GET
H2 200 qtip.js Show response
www.varian.com/sites/all/modules/contrib/qtip/js/ 2 KB
1007 B 53ms
20ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 863
x-request-id: 7qiarx562fb4pci63fswywdl
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-8ce"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.hoverIntent.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 1 KB
789 B 62ms
30ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 3, 2
strict-transport-security: max-age=900
content-length: 591
x-request-id: o2bgdsuygcc2fjnkdmftljln
x-served-by: cache-iad2139-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-567"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.lazyload.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 3 KB
1 KB 62ms
30ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1294
x-request-id: 6idan4zmwaudie3nhbsd7v2g
x-served-by: cache-iad2127-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-cf8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.isonscreen.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 451 B
448 B 62ms
31ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 283
x-request-id: xbzcfq2csze4hxcskm54u5qc
x-served-by: cache-iad2151-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-1c3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 ekko-lightbox.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 14 KB
5 KB 55ms
24ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 4889
x-request-id: 5l3qwozyesxpfwvjilb2neih
x-served-by: cache-iad2150-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-3934"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 varian.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 44 KB
13 KB 62ms
31ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 13009
x-request-id: derrudmdv32cxgd6v2d6zm2q
x-served-by: cache-iad2129-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-af0a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 20 KB
20 KB 60ms
30ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 281
x-cache: HIT, HIT
status: 200
content-length: 20386
x-request-id: czaoxwbxxnsorjytb3npvh22
x-served-by: cache-iad2130-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-4fa2"
strict-transport-security: max-age=900
content-type: image/png
expires: Fri, 21 Jun 2019 22:26:58 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/ 42 B
200 B 113ms
100ms Image
image/gif 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 271
x-cache: HIT, HIT
status: 200
content-length: 42
x-request-id: cjxsr4ps324hd24wifjrnkyq
x-served-by: cache-iad2124-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-2a"
strict-transport-security: max-age=900
content-type: image/gif
expires: Sun, 23 Jun 2019 17:20:09 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 phishing_small.jpg
www.varian.com/sites/default/files/ 58 KB
58 KB 31ms
13ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phishing_small.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 169
x-cache: HIT, HIT
status: 200
content-length: 59440
x-request-id: o7xsji4lunyxa4y7d3wdl4yl
x-served-by: cache-iad2142-IAD, cache-ams21030-AMS
last-modified: Mon, 27 Aug 2018 17:04:46 GMT
etag: "5b842f2e-e830"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Tue, 25 Jun 2019 06:08:08 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 phish_circle.jpg
www.varian.com/sites/default/files/ 16 KB
16 KB 17ms
15ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phish_circle.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 169
x-cache: HIT, HIT
status: 200
content-length: 16665
x-request-id: eaawfjynz5czdyy6z3o666sy
x-served-by: cache-iad2147-IAD, cache-ams21030-AMS
last-modified: Mon, 27 Aug 2018 17:05:19 GMT
etag: "5b842f4f-4119"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Tue, 25 Jun 2019 06:08:08 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 23 KB
24 KB 14ms
13ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 271
x-cache: HIT, HIT
status: 200
content-length: 24014
x-request-id: iw7jgusigmepmeygegf4font
x-served-by: cache-iad2124-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-5dce"
strict-transport-security: max-age=900
content-type: image/png
expires: Sun, 23 Jun 2019 22:06:43 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 70

GET
H2 200 bootstrap.js Show response
www.varian.com/sites/all/themes/bootstrap/js/ 10 KB
3 KB 32ms
12ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 3142
x-request-id: emflakzwr5wq75uaw56ahj66
x-served-by: cache-iad2137-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-26bb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 analytics.js Show response
www.varian.com/sites/default/files/googleanalytics/ 43 KB
17 KB 27ms
26ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/googleanalytics/analytics.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 239
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 17595
x-request-id: yqgmh6prfktqdzrmr7f7cian
x-served-by: cache-iad2141-IAD, cache-ams21030-AMS
last-modified: Wed, 29 May 2019 07:04:04 GMT
etag: "5cee2ee4-44bb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 fontawesome-webfont.woff2
www.varian.com/sites/all/themes/varian_bootstrap/webfonts// 70 KB
70 KB 18ms
18ms Font
font/woff2 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts//fontawesome-webfont.woff2?v=4.6.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 192
x-cache: HIT, HIT
status: 200
content-length: 71760
x-request-id: 2qn2g43cyzk2ul6uru3v3qau
x-served-by: cache-iad2146-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-11850"
strict-transport-security: max-age=900
content-type: font/woff2
expires: Sat, 22 Jun 2019 16:31:42 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_C_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 70 KB
70 KB 30ms
29ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_C_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

39d78049b553bf7900010de8b76ebb17c7bd5b885ff4f432365c85ab9694329d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 241
x-cache: HIT, HIT
status: 200
content-length: 71780
x-request-id: nac5ld7fbnk7wwxnemgcxt6t
x-served-by: cache-iad2142-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-11864"
strict-transport-security: max-age=900
content-type: font/woff
expires: Sat, 22 Jun 2019 22:23:08 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_D_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 76 KB
76 KB 31ms
30ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_D_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

93f28432edd5197c0a4b4bae5953e57c0179bcd1cb8941c7ab564aaa1642518c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 192
x-cache: HIT, HIT
status: 200
content-length: 77756
x-request-id: 2qrp2zddgsjblg3qta2nn37s
x-served-by: cache-iad2146-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-12fbc"
strict-transport-security: max-age=900
content-type: font/woff
expires: Sun, 23 Jun 2019 20:13:53 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 glyphicons-halflings-regular.woff2
www.varian.com/sites/all/themes/varian_bootstrap/bootstrap/fonts/ 18 KB
18 KB 31ms
30ms Font
font/woff2 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 192
x-cache: HIT, HIT
status: 200
content-length: 18028
x-request-id: dyjmgtx5kvmcqttxrgratkuw
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-466c"
strict-transport-security: max-age=900
content-type: font/woff2
expires: Sat, 22 Jun 2019 07:02:24 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_E_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 66 KB
66 KB 27ms
27ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_E_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

8811a5e2337b921c7c4aebe8000a1b82cabd24c1f5c50873c57067558cf3eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 130
x-cache: HIT, HIT
status: 200
content-length: 67614
x-request-id: sxrrddx7bd4bbda66o2rldp4
x-served-by: cache-iad2137-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-1081e"
strict-transport-security: max-age=900
content-type: font/woff
expires: Fri, 21 Jun 2019 20:37:23 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_B_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 82 KB
82 KB 42ms
26ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_B_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4811efd696ea2d6877a357cd875b59848221d215a12e1f2fe5407a0dae43518c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 16
x-cache: HIT, HIT
status: 200
content-length: 83458
x-request-id: xocakl6e5sx7bkgg4xkl5hr3
x-served-by: cache-iad2120-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-14602"
strict-transport-security: max-age=900
content-type: font/woff
expires: Sun, 23 Jun 2019 14:57:39 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_0_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 40 KB
40 KB 35ms
20ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_0_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

77b4a3f56116e4faabbe3bdaa79755afb2ff75fd1afdcd2bbddeda531f29f5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 29
x-cache: HIT, HIT
status: 200
content-length: 40683
x-request-id: btw52myoubgm7xzhlfsncuca
x-served-by: cache-iad2142-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-9eeb"
strict-transport-security: max-age=900
content-type: font/woff
expires: Sun, 23 Jun 2019 16:15:24 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 298938_A_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 85 KB
85 KB 17ms
17ms Font
font/woff 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_A_0.woff

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c5d155a87e3dbc7c782700ecdbd7afa57930358aa98dfcc52e9ef317e6f3c3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 241
x-cache: HIT, HIT
status: 200
content-length: 86566
x-request-id: nzme76d2dp2vtml256d4hjtk
x-served-by: cache-iad2147-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-15226"
strict-transport-security: max-age=900
content-type: font/woff
expires: Sat, 22 Jun 2019 15:42:49 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 glyphicons-halflings-regular.woff2
cdn.jsdelivr.net/bootstrap/3.3.7/fonts/ 18 KB
18 KB 52ms
9ms Font
font/woff2 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://www.varian.com

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
etag: W/"466c-yjW2l9mcrk0bYPLWD803dxmH6wc"
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: font/woff2
status: 200
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
date: Tue, 25 Jun 2019 08:15:31 GMT
accept-ranges: bytes
timing-allow-origin: *
content-length: 18028
x-served-by: cache-ams21038-AMS, cache-fra19174-FRA

GET
H2 200 you-have-been-phished-vit Show response
www.varian.com/ 91 KB
15 KB 105ms
100ms XHR
text/html 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/you-have-been-phished-vit

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ecdc18734af595c6a1ef67d15cf3f83ee490025a0bc25e60217f4f0edf6f3d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.varian.com/you-have-been-phished-vit
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:31 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 7639
x-cache: HIT, MISS
status: 200
strict-transport-security: max-age=900
content-length: 15120
x-request-id: xbg76istkjnv2tyiggfdwbdu
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Tue, 25 Jun 2019 06:05:27 GMT
cache-control: public, max-age=10800
x-frame-options: SAMEORIGIN
etag: "1561442727-1"
vary: Cookie, Accept-Encoding
content-language: en
via: 1.1 varnish, 1.1 varnish
x-generator: Drupal 7 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
content-type: text/html; charset=utf-8
link: <https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-drupal-cache: HIT
x-cache-hits: 1, 0

GET
H2 200 BRAND_001_960x196_BG_6.png
www.varian.com/sites/default/files/default_images/ 140 KB
140 KB 20ms
13ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/default_images/BRAND_001_960x196_BG_6.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

da301bacb049c1300be61603ed1bbab216c9c2c089c89ad65bc14571a5ccb1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:31 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 272
x-cache: HIT, HIT
status: 200
content-length: 143490
x-request-id: suiqbnjz3k3oryjeuofb4kso
x-served-by: cache-iad2148-IAD, cache-ams21030-AMS
last-modified: Thu, 24 Sep 2015 17:54:28 GMT
etag: "560438d4-23082"
strict-transport-security: max-age=900
content-type: image/png
expires: Tue, 25 Jun 2019 05:06:34 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
12ms Image
image/gif 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=334395692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&dr=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&dt=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1274180200&gjid=720372710&cid=1811604910.1561450532&tid=UA-3907074-1&_gid=1847268196.1561450532&_r=1&z=1584563401

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2019 08:15:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5118829

Requested by

Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcbe798451bb65737d70860b3296282cba11e22a39c82c56110974d2f7ade4a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:31 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2019 23:34:50 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25485
x-xss-protection: 0
expires: Tue, 25 Jun 2019 08:15:31 GMT

GET
H2 200 notice Show response
consent.truste.com/ 4 KB
2 KB 185ms
43ms Script
text/javascript 52.18.99.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.truste.com/notice?domain=varian.com&c=teconsent&js=bb&noticeType=bb
Requested by: Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.99.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-99-155.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0346e559090fa2241bd7a16d7d2904ec0855fd2f4bf8f7324812a3cfa91993e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/you-have-been-phished-vit
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: no-cache
content-length: 1523
expires: Tue, 25 Jun 2019 08:15:31 GMT

GET
H2 200 siteanalyze_6121624.js Show response
siteimproveanalytics.com/js/ 22 KB
8 KB 144ms
12ms Script
application/javascript 2606:4700:20::6819:8a76
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6121624.js
Requested by: Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:8a76 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef253b4fecc2d7667e7c5039fdb44dc14b0a34b42d5ccda9fd6e3a761973429e

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 13:00:23 GMT
server: cloudflare
x-amz-request-id: A991659680557E1C
etag: W/"f402b801c78bd1911de9e16af506b979"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=86400
cf-ray: 4ec57e81baf2d6d1-FRA
x-amz-id-2: NIKPoaC98Pf3suXwYQP7lVzC9G5aUgQ4wTGwKTcnWmzhF30yXCaX5gYxx67TiJJPuPmpnCL2N6o=
expires: Wed, 26 Jun 2019 08:15:32 GMT

GET
H2 200 jTxiSeMj.min.js Show response
scripts.demandbase.com/ 56 KB
15 KB 119ms
33ms Script
application/javascript 52.222.157.214
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/jTxiSeMj.min.js
Requested by: Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.214 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-214.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c9254715ba595a1e0e29fd31826a11a21dcfcb9aedde1155cdb5f5f81ba38d5

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Jun 2019 18:43:28 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2019 18:41:29 GMT
server: AmazonS3
age: 1285
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ELS4p3ASSMUI2R19s2LrcbB6bQrVkJ2Q
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA53
content-type: application/javascript
x-amz-cf-id: 62ZIXz98dussWv1UF_IdxzBxk4_ZGh5bjQRtSJrk-zjwH-zG8xIFAA==
via: 1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 129ms
46ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=22383
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 430ms
97ms Script
application/javascript 18.232.28.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:32 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Last-Modified: Mon, 29 Oct 2018 21:18:00 GMT
Server: PardotServer
ETag: "13e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1817
Expires: Thu, 24 Jun 2021 08:15:32 GMT

GET
H2 200 43d051c3eef2.js Show response
w.usabilla.com/ Frame 49AC 33 KB
10 KB 207ms
37ms Script
text/javascript 34.242.212.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/43d051c3eef2.js?lv=1
Requested by: Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.212.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-242-212-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ae524921f0513d59c9cc710a5311b2acab60c16e4033b1a92653e06205b6f685

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "758c206832ebe509a18dc595a48f7f49"
content-type: text/javascript
status: 200
cache-control: public,max-age=0
content-length: 10458

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561450532158%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phishe...
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

0
78 B

180ms
179ms

Script
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: TwfnIv1iqxXADMIttSoAAA==

Redirect headers

date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-tln1
content-length: 20
x-li-uuid: hHv8BP1iqxVAU59aoCsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 431 B
942 B 156ms
59ms XHR
application/json 52.222.157.132
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&page=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&page_title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&key=a8cb2c9b2d96cb0beed4a0cd63c66c7a&src=tag
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/jTxiSeMj.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.132 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-132.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 5681a635435dcde4f1fba658a58f5c804ea58e754288d89e214a616b0d8ce0f7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/you-have-been-phished-vit
Origin: https://www.varian.com

Response headers

date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 1728000
request-id: ce9cbfa6-97cf-4be3-999b-df07da10faaa
content-length: 242
x-amz-cf-id: GhsxoUsPQ3aUgrV6jKA3JHUNHOi3Feoz8aONlrUuuXamALz6EQV7WA==
pragma: no-cache
access-control-allow-origin: https://www.varian.com
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 ac27d939fa02703c4b28926f53f95083.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: STANDARD
expires: Mon, 24 Jun 2019 08:15:32 GMT

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg

26 B
667 B

292ms
182ms

Image
image/gif

52.222.157.125
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.125 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-125.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:32 GMT
Via: 1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: apiIVhX28ekzsiqzv1eDuMF4Bu8InU8JH4g11lx7XvDZ1rI12cRYmw==

Redirect headers

location: https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg
Date: Tue, 25 Jun 2019 08:15:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 464526.gif
id.rlcdn.com/ 0
40 B 156ms
109ms Image
text/plain 34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 25 Jun 2019 08:15:32 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 v1.7-2 Show response
consent.trustarc.com/asset/notice.js/v/ 55 KB
19 KB 147ms
56ms Script
text/javascript 54.76.203.99
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-2

Requested by

Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=varian.com&c=teconsent&js=bb&noticeType=bb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ee50c67d5eceaa52cd7a377d69af2dac37a554cc572d53ab22c38598bfeb63c2

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/you-have-been-phished-vit
Origin: https://www.varian.com

Response headers

pragma: public
date: Tue, 25 Jun 2019 08:15:32 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 07:12:11 GMT
server: nginx
access-control-allow-origin: *
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 25 Jul 2019 08:15:32 GMT

GET
H/1.1 200
OK image.aspx
us2.siteimprove.com/ 34 B
406 B 441ms
108ms Image
image/gif 34.194.52.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us2.siteimprove.com/image.aspx?url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&ref=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&res=1600x1200&accountid=6121624&rt=2204&prev=1561450548422&luid=c459c871-a10b-da92-405c-7ce20a3321cc&rnd=9478
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.52.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-52-254.compute-1.amazonaws.com
Software: / ASP.NET
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="NOI OUR IND COM NAV INT"
Cache-Control: private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
Expires: Tue, 25 Jun 2019 08:14:29 GMT

GET
H/1.1 200
OK varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame ED80 2 KB
2 KB 127ms
9ms Image
image/png 52.222.149.144
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Requested by: Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.149.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-144.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f532e06ce3c3b7df87c829a48ca396d73d782d815b23638de1b2fd6764ef1d6a

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 May 2019 05:40:01 GMT
Via: 1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
Last-Modified: Mon, 30 Oct 2017 13:57:07 GMT
Server: AmazonS3
Age: 4415731
ETag: "3714f7c9eb6a13e2258af0815eeb493a"
X-Cache: Hit from cloudfront
x-amz-version-id: 8DnKtE0mPJwCIzbGtGGO3_kx_75aW1WZ
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1731
X-Amz-Cf-Id: iDdLzdvbCvj01uiJ_nivkI2HWApeufohNR0N-MEVITRv27iUxCGTyg==

GET
H2 200 /
consent-pref.trustarc.com/ Frame F5B6 0
0 120ms
33ms Document
text/html 54.72.143.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.143.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-143-230.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.varian.com/you-have-been-phished-vit
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.varian.com/you-have-been-phished-vit

Response headers

status: 200
date: Tue, 25 Jun 2019 08:15:32 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5700-1558354312000"
last-modified: Mon, 20 May 2019 12:11:52 GMT
content-encoding: gzip

GET
H2 200 get
consent.trustarc.com/ 2 KB
2 KB 100ms
35ms Image
image/png 54.76.203.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=trustarc_cookiepreferences.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4b0e644f809d6096b56f9e2c923959b6851fa72a59e5eeddfd2534e8ec38a114

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jun 2019 08:15:32 GMT
server: nginx
access-control-allow-origin: *
x-frame-options: ALLOWALL
content-type: image/png
status: 200
cache-control: max-age=2592000
content-length: 2016
expires: Thu, 25 Jul 2019 08:15:32 GMT

GET
H2 200 get
consent.trustarc.com/ 95 B
282 B 99ms
33ms Image
image/png 54.76.203.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=transparent.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jun 2019 08:15:32 GMT
server: nginx
access-control-allow-origin: *
x-frame-options: ALLOWALL
content-type: image/png
status: 200
cache-control: max-age=2592000
content-length: 95
expires: Thu, 25 Jul 2019 08:15:32 GMT

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
205 B 99ms
34ms Image
image/gif 54.76.203.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/noticemsg?action=consent&domain=varian.com&behavior=expressed&country=de&language=en&rand=0.36564222066583585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2019 08:15:32 GMT
server: nginx
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 43
expires: Tue, 25 Jun 2019 08:15:31 GMT

GET
H2 200 get
consent.trustarc.com/ 923 B
1 KB 92ms
35ms Image
image/png 54.76.203.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=trans.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jun 2019 08:15:32 GMT
server: nginx
access-control-allow-origin: *
x-frame-options: ALLOWALL
content-type: image/png
status: 200
cache-control: max-age=2592000
content-length: 923
expires: Thu, 25 Jul 2019 08:15:32 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 2 KB
1 KB 137ms
136ms Script
text/javascript 18.232.28.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=53018&account_id=31902&title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&referrer=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 58ebb199c05b754925a940b79fde8827a3547277725f61ae9019169e8dc5425e

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2019 08:15:32 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 17/7/107
Vary: Accept-Encoding,User-Agent
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 797
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
api.company-target.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent-pref.trustarc.com
consent.trustarc.com
consent.truste.com
d2wy8f7a9ursnm.cloudfront.net
d6tizftlrpuof.cloudfront.net
dataentry.eu.threatsim.com
id.rlcdn.com
java.com
match.prod.bidr.io
pi.pardot.com
px.ads.linkedin.com
scripts.demandbase.com
segments.company-target.com
siteimproveanalytics.com
snap.licdn.com
tslp.s3.amazonaws.com
us2.siteimprove.com
w.usabilla.com
www.google-analytics.com
www.googletagmanager.com
www.hr-internal.co
www.linkedin.com
www.varian.com
151.101.38.133
152.199.19.160
18.232.28.189
2606:4700:20::6819:8a76
2606:4700::6813:c597
2a00:1450:4001:809::200e
2a00:1450:4001:820::2008
2a00:1450:4001:825::200a
2a02:26f0:6c00:19d::196
2a02:26f0:6c00:28c::25ea
2a04:4e42::621
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.194.52.254
34.242.212.186
34.95.92.78
52.18.99.155
52.214.119.15
52.216.17.88
52.222.149.144
52.222.149.202
52.222.157.125
52.222.157.132
52.222.157.214
52.31.150.82
54.72.143.230
54.76.203.99
0346e559090fa2241bd7a16d7d2904ec0855fd2f4bf8f7324812a3cfa91993e6
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
1c9254715ba595a1e0e29fd31826a11a21dcfcb9aedde1155cdb5f5f81ba38d5
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a
2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd
39d78049b553bf7900010de8b76ebb17c7bd5b885ff4f432365c85ab9694329d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4811efd696ea2d6877a357cd875b59848221d215a12e1f2fe5407a0dae43518c
4b0e644f809d6096b56f9e2c923959b6851fa72a59e5eeddfd2534e8ec38a114
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5681a635435dcde4f1fba658a58f5c804ea58e754288d89e214a616b0d8ce0f7
58ebb199c05b754925a940b79fde8827a3547277725f61ae9019169e8dc5425e
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483
62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f
77b4a3f56116e4faabbe3bdaa79755afb2ff75fd1afdcd2bbddeda531f29f5c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d9d25db58445a39ce1bcc25bc76238d134d4dbe32df02af66dea9942794712
8811a5e2337b921c7c4aebe8000a1b82cabd24c1f5c50873c57067558cf3eaf7
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
93f28432edd5197c0a4b4bae5953e57c0179bcd1cb8941c7ab564aaa1642518c
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88
ae524921f0513d59c9cc710a5311b2acab60c16e4033b1a92653e06205b6f685
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
c5d155a87e3dbc7c782700ecdbd7afa57930358aa98dfcc52e9ef317e6f3c3f6
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
da301bacb049c1300be61603ed1bbab216c9c2c089c89ad65bc14571a5ccb1bf
e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b
e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1
e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606
e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372
ecdc18734af595c6a1ef67d15cf3f83ee490025a0bc25e60217f4f0edf6f3d8c
ee50c67d5eceaa52cd7a377d69af2dac37a554cc572d53ab22c38598bfeb63c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef253b4fecc2d7667e7c5039fdb44dc14b0a34b42d5ccda9fd6e3a761973429e
f532e06ce3c3b7df87c829a48ca396d73d782d815b23638de1b2fd6764ef1d6a
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc3a60612727fc66e47e47d4de4b1d4e5d46021f8d779ee1e9880a1ebf508359
fcbe798451bb65737d70860b3296282cba11e22a39c82c56110974d2f7ade4a0
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.varian.com Open in urlscan Pro 151.101.38.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

95 %HTTPS

37 %IPv6

24 Domains

28 Subdomains

25 IPs

5 Countries

1418 kBTransfer

2757 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.varian.com Open in urlscan Pro
151.101.38.133 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

95 %
HTTPS

37 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

1418 kB
Transfer

2757 kB
Size

0
Cookies

117 HTTP transactions
0 data transactions