Submitted URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Effective URL: https://www.varian.com/you-have-been-phished-vit
Submission: On June 25 via manual from SG

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 117 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.
This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 52.31.150.82 16509 (AMAZON-02)
8 52.216.17.88 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.222.149.202 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
38 151.101.38.133 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a04:4e42::621 54113 (FASTLY)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.18.99.155 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.157.214 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 18.232.28.189 14618 (AMAZON-AES)
1 34.242.212.186 16509 (AMAZON-02)
2 3 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:11:... 14413 (LINKEDIN)
1 52.222.157.132 16509 (AMAZON-02)
2 2 52.214.119.15 16509 (AMAZON-02)
1 52.222.157.125 16509 (AMAZON-02)
1 34.95.92.78 15169 (GOOGLE)
5 54.76.203.99 16509 (AMAZON-02)
1 34.194.52.254 14618 (AMAZON-AES)
1 52.222.149.144 16509 (AMAZON-02)
1 54.72.143.230 16509 (AMAZON-02)
117 25
Domain Requested by
38 www.varian.com www.hr-internal.co
www.varian.com
ajax.aspnetcdn.com
33 dataentry.eu.threatsim.com ajax.googleapis.com
www.hr-internal.co
8 tslp.s3.amazonaws.com www.hr-internal.co
5 consent.trustarc.com consent.truste.com
4 cdn.jsdelivr.net www.varian.com
ajax.aspnetcdn.com
4 www.google-analytics.com www.hr-internal.co
www.varian.com
4 www.hr-internal.co www.hr-internal.co
3 px.ads.linkedin.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pi.pardot.com www.varian.com
pi.pardot.com
2 cdnjs.cloudflare.com www.varian.com
1 consent-pref.trustarc.com consent.trustarc.com
1 d6tizftlrpuof.cloudfront.net www.varian.com
1 us2.siteimprove.com
1 id.rlcdn.com
1 segments.company-target.com
1 api.company-target.com scripts.demandbase.com
1 www.linkedin.com 1 redirects
1 w.usabilla.com www.varian.com
1 snap.licdn.com www.varian.com
1 scripts.demandbase.com www.varian.com
1 siteimproveanalytics.com www.varian.com
1 consent.truste.com www.varian.com
1 www.googletagmanager.com www.varian.com
1 ajax.aspnetcdn.com www.varian.com
1 ajax.googleapis.com www.hr-internal.co
1 d2wy8f7a9ursnm.cloudfront.net www.hr-internal.co
1 java.com www.hr-internal.co
117 28
Subject Issuer Validity Valid

1970-01-01 -
1970-01-01
a few seconds crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-07 -
2020-02-07
a year crt.sh
www.java.com
DigiCert ECC Extended Validation Server CA
2018-02-21 -
2020-02-21
2 years crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-06-11 -
2019-09-03
3 months crt.sh
*.eu.threatsim.com
COMODO RSA Domain Validation Secure Server CA
2018-01-07 -
2020-01-07
2 years crt.sh
varian.com
DigiCert SHA2 Secure Server CA
2018-10-02 -
2019-10-03
a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-02 -
2019-09-08
6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh
*.truste.com
Go Daddy Secure Certificate Authority - G2
2018-01-26 -
2021-03-06
3 years crt.sh
ssl379359.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-05-27 -
2019-12-03
6 months crt.sh
*.demandbase.com
Go Daddy Secure Certificate Authority - G2
2018-09-20 -
2020-11-19
2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.pardot.com
DigiCert SHA2 Secure Server CA
2019-01-21 -
2020-01-22
a year crt.sh
w.usabilla.com
Amazon
2019-05-08 -
2020-06-08
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2
2017-08-18 -
2019-08-18
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2017-07-18 -
2020-07-17
3 years crt.sh
*.siteimprove.com
DigiCert SHA2 Secure Server CA
2018-01-03 -
2020-03-11
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 15623CAF13FBAA19B31BB8491FCF9A11
Requests: 114 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 49ACA40C5A0BC470B70F268E7AADAA5C
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: ED80C8D11E00527D0E23FED25A659DEE
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: F5B6D5DF2C729D6AF47D1AAC47F30B3C
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /ATS\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

117
Requests

95 %
HTTPS

37 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

1418 kB
Transfer

2757 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 48
  • http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710
Request Chain 49
  • http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449
Request Chain 103
  • https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561450532158%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
Request Chain 105
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg

117 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 800e9345c0
www.hr-internal.co/Compensation/
4 KB
2 KB
Document
General
Full URL
http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
83d9d25db58445a39ce1bcc25bc76238d134d4dbe32df02af66dea9942794712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.hr-internal.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jun 2019 08:15:27 GMT
ETag
W/"56bc86fa7a03eb57f0bcbbee050d57f4"
Server
ThreatSim-Web-Server
Set-Cookie
EXFILGUID=800e9345c0; path=/ link_clicked_800e9345c0=1; path=/
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prd-eu-i-0e94783aa8879f99b ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Request-Id
81aa96ed-e1f3-4c3b-bedb-320f5d0ef756
X-Runtime
0.009238
X-XSS-Protection
1; mode=block
Content-Length
950
Connection
keep-alive
alt_pixel_click_800e9345c0.gif
www.hr-internal.co/
0
652 B
Image
General
Full URL
http://www.hr-internal.co:49152/alt_pixel_click_800e9345c0.gif?correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.008306
Date
Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-073776b9e669c622a, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
fd315a51-ccc7-4565-b992-11b10b942b77
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
CFE4317BF8C80FC4
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Content-Length
50085
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
hc7N6eetZDe0ui7J5vVeWe3xQDVdvlEadKIY89Np4hsXRxaUAyq0mePibG62B1wfMefWstIuaq8=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
1E6FF6AB97AC16A9
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Content-Length
50717
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
jvBpYbTsNbt52xtO/iNrI2c5B1OR8GsXpu5rKoJRUN3byvyC6espDz+StQtyDp/AOqlqeF7KqLY=
deployJava.js
java.com/js/
18 KB
18 KB
Script
General
Full URL
https://java.com/js/deployJava.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19d::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Oracle-HTTP-Server /
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:28 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
18444
x-xss-protection
1
mdt-type
abinary;charset=UTF-8
last-modified
Fri, 07 Jul 2017 23:29:07 GMT
server
Oracle-HTTP-Server
x-frame-options
SAMEORIGIN
x-oracle-dms-ecid
005Kza_yrKd9Tcw70Fm3UF0003QU009rYR
content-type
application/javascript
expires
Wed, 26 Jun 2019 08:15:28 GMT
cache-control
max-age=86400
x-oracle-dms-rid
0:1
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
ED819856FF73529E
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Content-Length
6680
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
PaheYXDKv3VRsJTmnYLppzhJXoPfVrqIOyISCfyI2oDewdlJpwISWEKhuxlGzqosDhkw+j4ZS3w=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
67C8C156B8F9C582
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Content-Length
22855
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
LGCLaV9DVEkFnWqTrFV5a0ABq0CRndCFG1ZA+NZJ5sktzrIbC5N+dCVS8fEUk46ua7fCHc7GznE=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
0E5CE51CEB7DD7B7
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Content-Length
6999
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
at4ArWicDk1QFQpVmXx45J/3dvtgS+g2KfkySHsCZaCl4JFDzC8KfPaTwbIq4YnW9ZTc0/iosqk=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
623FAAD297377521
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Content-Length
9775
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
rDzS86nxWxwvDNtepl/yBDA/2yK0XBY8AFtnJXX0N8tYushtV/1mcZ3tb49DFPY2hf+7oVhI+kc=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
36C1F92A387F76C3
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Content-Length
4234
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
Fnd/4MNePZ0o8kcp4IccudA1U1+ckM7XbrH56RDI7agFwytOtNYIll5uolbKJY1eH7dUQbUpGZg=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
52C66EA7266823C8
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Content-Length
5941
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
q+Hl6lXQ/dHl76pk7R7eb173/5R8HOoLUkp6qPchIyS7zAlXvlyYTz6Vs0gAZPqKQ5hA3ouu1CE=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.222.149.202 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-202.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
199185
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
A5P3DgfjYOPzjfKApsEo2c-xRDM1VXyQ_aUHOhcFNf3-zjUxmZBTmw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Jun 2019 18:27:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
481659
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33018
X-XSS-Protection
0
Expires
Thu, 18 Jun 2020 18:27:49 GMT
google-tracking.js
www.hr-internal.co/assets/
455 B
707 B
Script
General
Full URL
http://www.hr-internal.co/assets/google-tracking.js?g=800e9345c0
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2019 16:12:27 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
www.hr-internal.co/assets/
28 KB
7 KB
Script
General
Full URL
http://www.hr-internal.co/assets/all.js?g=800e9345c0
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fc3a60612727fc66e47e47d4de4b1d4e5d46021f8d779ee1e9880a1ebf508359

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 14:17:35 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7152
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5302
date
Tue, 25 Jun 2019 06:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Tue, 25 Jun 2019 08:47:07 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
browser_post
dataentry.eu.threatsim.com/secure/
0
563 B
XHR
General
Full URL
https://dataentry.eu.threatsim.com/secure/browser_post
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
Origin
http://www.hr-internal.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime
0.006455
Date
Tue, 25 Jun 2019 08:15:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0e94783aa8879f99b, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
9c7838f5-5eea-4135-81d3-1440b22cadd6
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_pl%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_jres%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version%20%3D%20undefined&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20flash%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=flash%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20pdf%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=pdf%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20quicktime%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=quicktime%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20RealPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=realplayer%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Silverlight%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=silverlight%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=wmp%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=redirecting%20to%20https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jun 2019 08:15:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
  • https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2019 00:00:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
980126
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449
Non-Authoritative-Reason
HSTS
trace
dataentry.eu.threatsim.com/
0
0
Image
General
Full URL
https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=browser_post_successful&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Primary Request you-have-been-phished-vit
www.varian.com/
91 KB
15 KB
Document
General
Full URL
https://www.varian.com/you-have-been-phished-vit
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/assets/all.js?g=800e9345c0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ecdc18734af595c6a1ef67d15cf3f83ee490025a0bc25e60217f4f0edf6f3d8c
Security Headers
Name Value
Strict-Transport-Security max-age=900
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.varian.com
:scheme
https
:path
/you-have-been-phished-vit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.hr-internal.co/Compensation/800e9345c0?l=10

Response headers

status
200
cache-control
public, max-age=10800
content-encoding
gzip
content-language
en
content-type
text/html; charset=utf-8
etag
"1561442727-1"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 25 Jun 2019 06:05:27 GMT
link
<https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-drupal-cache
HIT
x-frame-options
SAMEORIGIN
x-generator
Drupal 7 (https://www.drupal.org)
x-platform-server
i-05e86949aa238c1c7
x-request-id
xbg76istkjnv2tyiggfdwbdu
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Tue, 25 Jun 2019 08:15:30 GMT
age
7637
x-served-by
cache-iad2137-IAD, cache-ams21030-AMS
x-cache
HIT, HIT
x-cache-hits
6, 1
vary
Cookie, Accept-Encoding
strict-transport-security
max-age=900
content-length
15120
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
1159657
x-cache
HIT, HIT
status
200
x-cache-hits
1, 3
strict-transport-security
max-age=900
content-length
1046
x-request-id
ykmwxcedppbvmoqoazcbnpu3
x-served-by
cache-iad2128-IAD, cache-ams21030-AMS
last-modified
Tue, 14 May 2019 08:05:03 GMT
etag
"5cda76af-416"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 30 May 2019 09:49:03 GMT
css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
1111094
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
3996
x-request-id
gjq2pkg5gvcxkuck3lz33xyo
x-served-by
cache-iad2141-IAD, cache-ams21030-AMS
last-modified
Tue, 14 May 2019 08:05:03 GMT
etag
"5cda76af-f9c"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 12 Jun 2019 11:37:05 GMT
css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
407368
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1508
x-request-id
wojzw5gi44u42w4zenmezl7w
x-served-by
cache-iad2131-IAD, cache-ams21030-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-5e4"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-240a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 14 Jun 2020 08:15:30 GMT
cache-control
public, max-age=30672000
cf-ray
4ec57e7609b796ce-FRA
served-in-seconds
0.035
css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/
687 B
521 B
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
407368
x-cache
HIT, HIT
status
200
x-cache-hits
6, 702
strict-transport-security
max-age=900
content-length
324
x-request-id
yz4wukdes353e4sx4a6yfg7f
x-served-by
cache-iad2145-IAD, cache-ams21030-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-144"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 25 Jun 2019 08:15:30 GMT
content-length
19740
x-served-by
cache-ams21036-AMS, cache-fra19154-FRA
etag
W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 25 Jun 2019 08:15:30 GMT
content-length
3216
x-served-by
cache-ams21041-AMS, cache-fra19154-FRA
etag
W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/
675 KB
112 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
598486
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
114267
x-request-id
usgcv7ari2qvwlw34htcyj4u
x-served-by
cache-iad2132-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:44:00 GMT
etag
"5d07b540-1be5b"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 02 Jul 2019 10:00:45 GMT
jquery-1.10.2.min.js
ajax.aspnetcdn.com/ajax/jQuery/
91 KB
32 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F47) /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
32915
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:49 GMT
server
ECAcc (frc/8F47)
etag
"80228f4cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-extend-3.4.0.js
www.varian.com/misc/
3 KB
2 KB
Script
General
Full URL
https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
149
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1416
x-request-id
uqkjyukueoiticskqexw3min
x-served-by
cache-iad2148-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-d57"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 01:45:09 GMT
jquery.once.js
www.varian.com/misc/
3 KB
1 KB
Script
General
Full URL
https://www.varian.com/misc/jquery.once.js?v=1.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
149
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1135
x-request-id
evvve7sgbkz5wl5iinkeieqi
x-served-by
cache-iad2120-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-b9e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 20 Jun 2019 22:36:27 GMT
drupal.js
www.varian.com/misc/
20 KB
8 KB
Script
General
Full URL
https://www.varian.com/misc/drupal.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
7891
x-request-id
x3oj4d7tcnd2zbs74yw3lmjx
x-served-by
cache-iad2128-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-4efb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:05 GMT
bootstrap.min.js
cdn.jsdelivr.net/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS, HIT
status
200
date
Tue, 25 Jun 2019 08:15:30 GMT
content-length
9832
x-served-by
cache-ams21048-AMS, cache-fra19154-FRA
etag
W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fancyfiledelete.js
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/
265 B
326 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
193
x-request-id
jwjmhl6htxykopoic7ao47b4
x-served-by
cache-iad2131-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-109"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:07 GMT
fancybox.js
www.varian.com/sites/all/modules/contrib/fancybox/
1 KB
528 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
403
x-request-id
5ppp6xu5sp6jwmmvr73zwmwu
x-served-by
cache-iad2128-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-454"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:07 GMT
jquery.fancybox.pack.js
www.varian.com/sites/all/libraries/fancybox/source/
23 KB
10 KB
Script
General
Full URL
https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
9692
x-request-id
sa2im642tiacuoj4vhaez4er
x-served-by
cache-iad2133-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-5a5f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
jquery.mousewheel-3.0.6.pack.js
www.varian.com/sites/all/libraries/fancybox/lib/
1 KB
882 B
Script
General
Full URL
https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
724
x-request-id
vnqwlzcxle75n6iank2pzusc
x-served-by
cache-iad2126-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-568"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
jquery.qtip.min.js
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/
43 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-ad08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 14 Jun 2020 08:15:30 GMT
cache-control
public, max-age=30672000
cf-ray
4ec57e764a0996ce-FRA
served-in-seconds
0.022
views-bootstrap-carousel.js
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/
842 B
517 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
351
x-request-id
l4r6xquzjlv6vtx2itv6cdzt
x-served-by
cache-iad2147-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-34a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
googleanalytics.js
www.varian.com/sites/all/modules/contrib/google_analytics/
6 KB
2 KB
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
MISS, HIT
status
200
x-cache-hits
0, 2
strict-transport-security
max-age=900
content-length
2052
x-request-id
mrc24q5vjwhtc5m4zihjvok3
x-served-by
cache-iad2140-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-1874"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 07:49:23 GMT
qtip.js
www.varian.com/sites/all/modules/contrib/qtip/js/
2 KB
1007 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
863
x-request-id
7qiarx562fb4pci63fswywdl
x-served-by
cache-iad2132-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-8ce"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
jquery.hoverIntent.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
1 KB
789 B
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
3, 2
strict-transport-security
max-age=900
content-length
591
x-request-id
o2bgdsuygcc2fjnkdmftljln
x-served-by
cache-iad2139-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-567"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
jquery.lazyload.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
3 KB
1 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1294
x-request-id
6idan4zmwaudie3nhbsd7v2g
x-served-by
cache-iad2127-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-cf8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
jquery.isonscreen.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
451 B
448 B
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
283
x-request-id
xbzcfq2csze4hxcskm54u5qc
x-served-by
cache-iad2151-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-1c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
ekko-lightbox.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
14 KB
5 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
4889
x-request-id
5l3qwozyesxpfwvjilb2neih
x-served-by
cache-iad2150-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-3934"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
varian.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
44 KB
13 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
13009
x-request-id
derrudmdv32cxgd6v2d6zm2q
x-served-by
cache-iad2129-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-af0a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/
20 KB
20 KB
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
281
x-cache
HIT, HIT
status
200
content-length
20386
x-request-id
czaoxwbxxnsorjytb3npvh22
x-served-by
cache-iad2130-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-4fa2"
strict-transport-security
max-age=900
content-type
image/png
expires
Fri, 21 Jun 2019 22:26:58 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 2
lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/
42 B
200 B
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
271
x-cache
HIT, HIT
status
200
content-length
42
x-request-id
cjxsr4ps324hd24wifjrnkyq
x-served-by
cache-iad2124-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-2a"
strict-transport-security
max-age=900
content-type
image/gif
expires
Sun, 23 Jun 2019 17:20:09 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 2
phishing_small.jpg
www.varian.com/sites/default/files/
58 KB
58 KB
Image
General
Full URL
https://www.varian.com/sites/default/files/phishing_small.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-05e86949aa238c1c7
age
169
x-cache
HIT, HIT
status
200
content-length
59440
x-request-id
o7xsji4lunyxa4y7d3wdl4yl
x-served-by
cache-iad2142-IAD, cache-ams21030-AMS
last-modified
Mon, 27 Aug 2018 17:04:46 GMT
etag
"5b842f2e-e830"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Tue, 25 Jun 2019 06:08:08 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 2
phish_circle.jpg
www.varian.com/sites/default/files/
16 KB
16 KB
Image
General
Full URL
https://www.varian.com/sites/default/files/phish_circle.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-05e86949aa238c1c7
age
169
x-cache
HIT, HIT
status
200
content-length
16665
x-request-id
eaawfjynz5czdyy6z3o666sy
x-served-by
cache-iad2147-IAD, cache-ams21030-AMS
last-modified
Mon, 27 Aug 2018 17:05:19 GMT
etag
"5b842f4f-4119"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Tue, 25 Jun 2019 06:08:08 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 2
logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/
23 KB
24 KB
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
271
x-cache
HIT, HIT
status
200
content-length
24014
x-request-id
iw7jgusigmepmeygegf4font
x-served-by
cache-iad2124-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-5dce"
strict-transport-security
max-age=900
content-type
image/png
expires
Sun, 23 Jun 2019 22:06:43 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 70
bootstrap.js
www.varian.com/sites/all/themes/bootstrap/js/
10 KB
3 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Jun 2019 08:15:30 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
240
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
3142
x-request-id
emflakzwr5wq75uaw56ahj66
x-served-by
cache-iad2137-IAD, cache-ams21030-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-26bb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 06:10:09 GMT
analytics.js
www.varian.com/sites/default/files/googleanalytics/
43 KB
17 KB
Script
General
Full URL
https://www.varian.com/sites/default/files/googleanalytics/analytics.js?ptn4wd
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Res