hr-internal.co Open in urlscan Pro
99.81.241.47 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Effective URL:
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Submission: On August 30 via manual (August 30th 2022, 2:08:29 pm UTC) from FR — Scanned from FR

Summary HTTP 119 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 119 HTTP transactions. The main IP is 99.81.241.47, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is hr-internal.co.

This is the only time hr-internal.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

	IP Address	AS Autonomous System
83	99.81.241.47 99.81.241.47	16509 (AMAZON-02) (AMAZON-02)
23	52.217.78.44 52.217.78.44	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:26f0:6c0... 2a02:26f0:6c00:29b::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.206.53 52.222.206.53	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.118.209 13.32.118.209	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.120.26 52.218.120.26	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
119	11

83 99.81.241.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

hr-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 52.217.78.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:29b::196 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.206.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-53.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-209.fra60.r.cloudfront.net

d25q7gseii1o1q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.120.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

ts-content-eu.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	hr-internal.co hr-internal.co	159 KB
24	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 149626 ts-content-eu.s3-eu-west-1.amazonaws.com	389 KB
4	java.com 2 redirects java.com — Cisco Umbrella Rank: 27594 www.java.com — Cisco Umbrella Rank: 43705	12 KB
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d25q7gseii1o1q.cloudfront.net	8 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 259	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286	34 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 365	18 KB
1	gstatic.com fonts.gstatic.com	44 KB
119	8

	Domain	Requested by
83	hr-internal.co	hr-internal.co
23	tslp.s3.amazonaws.com	hr-internal.co tslp.s3.amazonaws.com
2	bam.nr-data.net	hr-internal.co
2	d2wy8f7a9ursnm.cloudfront.net	hr-internal.co
2	www.java.com	hr-internal.co
2	java.com	2 redirects
1	js-agent.newrelic.com	hr-internal.co
1	ts-content-eu.s3-eu-west-1.amazonaws.com	hr-internal.co
1	fonts.gstatic.com	fonts.googleapis.com
1	d25q7gseii1o1q.cloudfront.net	tslp.s3.amazonaws.com
1	ajax.googleapis.com	hr-internal.co
1	fonts.googleapis.com	hr-internal.co
119	12

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com

Subject Issuer	Validity	Valid
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Frame ID: D753EB3BFCC815886BEC1CCF0DBB2354
Requests: 119 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You have been Phished!

Page URL History Show full URLs

http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35 Page URL
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

24 %
HTTPS

30 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

666 kB
Transfer

933 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35 Page URL
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

Request Chain 57

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 351dc7ef826735f6 Show response
hr-internal.co/2022-EvolRemun_COMEX.xlsx/ 35 KB
12 KB 94ms
47ms Document
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

dfd3b2227498a72587c6d7e18a3a62782a9c0d1192debdad1c2067a053ead15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Aug 2022 14:08:24 GMT
ETag: W/"dfd3b2227498a72587c6d7e18a3a6278"
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 9fd54bcf-5501-4a09-8c60-2812f59a6094
X-Runtime: 0.016285
X-XSS-Protection: 1; mode=block

GET alt_pixel_click_1dc7e26735.gif
hr-internal.co/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 363ms
137ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: YYQ5SRRDQVTKGPD7
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: nUtpULfqKv0XYZeogeA2XN2VFeyeXmqddjykRT9mLKipSQpX20YepEPfKrPwYo5wW0nPyXHdfac=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 349ms
138ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: YYQEQFBGFFFR5242
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: nq4lQsiiSUYgQFunU1e3hyCP0bNq1UGoxpYnmbIzIehKQydOAVmOb09poTCON2posOwvf9HPW2c=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

86ms
37ms

Script
application/javascript

2a02:26f0:6c00:29b::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

Server

2a02:26f0:6c00:29b::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 30 Aug 2022 14:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: 0.acba1002.1661868504.32c96a1b
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: b85274a8-529b-4517-852b-a0c05db569b3-003a160b
content-type: application/javascript
cache-control: public, max-age=86400
expires: Wed, 31 Aug 2022 14:08:24 GMT

Redirect headers

date: Tue, 30 Aug 2022 14:08:24 GMT
server: AkamaiGHost
akamai-grn: 0.acba1002.1661868504.32c968e4
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 0
x-xss-protection: 1
expires: Wed, 31 Aug 2022 14:08:24 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 347ms
137ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: YYQ9KJ28XRJGFH8Z
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: g3izQd15+FxCskGWSWD25h38wqsbkFpdb8SWRU76qfXrVXS+TlwzMUy/hOyYAVV4eriXdmWgaiI=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 355ms
145ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: YYQCPP5NS1W9WW12
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: PC9WhzmSxrCJGMI4tDm9RIly7yByEa61VpNAlVuqNSIKMYzH5ioSR0MPHSddJ8IsHn3IyoWua/w=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 348ms
138ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: YYQDJ31574B13FXJ
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: 5rh7mtNp2oDa4cnP5RX3m/EJQ+2azrKrBCIfrZpsFEWCw6HfKt6yfMwH2QzVwcihPu+QtztqGtQ=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 360ms
142ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: YYQ3YZP998BQ3RRK
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: Pjv5zuHsq3/y/bHzBpNrNgPaY5/OEDIKQiNExjRSx9Y0o4ZllZZ93PbfTMdiYfY+wGRl4pD4NhM=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 122ms
122ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: YYQ2JEBB2AMXCZ2V
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: ewhxXeylSGXK4lctNeM0VSXnBaB63jm7XSTW7MEAsNvLcByy3lGCzuUufVXDKbBLmRA5hIpaOHU=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 120ms
120ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: YYQ00MDCJ35K8FMW
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: bO/R8tkpi6ys+G8qhuz2hfNQ3E0PX6JIhokaUXrOPhThrKvhq6PKFMq0WRndeTZrPU5DdM8T3wo=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 72ms
22ms Script
application/javascript 52.222.206.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Server: 52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 01:11:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 305838
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: Ptuelz7bV7UR8XJsSnsNaPBAIjczVUiF2CZggBMtnVVwVSDLpylBzg==

GET
H/1.1 200
OK jquery.min.js Show response
hr-internal.co/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 33ms
33ms Script
application/javascript 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://hr-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Server: 99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:02:01 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
hr-internal.co/assets/ 28 KB
7 KB 28ms
28ms Script
application/javascript 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://hr-internal.co/assets/all.js?g=1dc7e26735
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol: HTTP/1.1
Server: 99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK browser_post Show response
hr-internal.co/secure/ 0
716 B 36ms
36ms XHR
image/gif 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://hr-internal.co/secure/browser_post

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XQ4GVVFACQAAU1VQDwQHUw==
tracestate: 1506924@nr=0-1-98147-1307432040-6f225451c9c12be8----1661868504862
traceparent: 00-30c65cad73e7b1800303c0d438d542c8-6f225451c9c12be8-01
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NDMyMDQwIiwiaWQiOiI2ZjIyNTQ1MWM5YzEyYmU4IiwidHIiOiIzMGM2NWNhZDczZTdiMTgwMDMwM2MwZDQzOGQ1NDJjOCIsInRpIjoxNjYxODY4NTA0ODYyLCJ0ayI6IjE1MDY5MjQifX0=
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 70a788eb-8264-475a-8cdf-b896ec5f5201
X-Runtime: 0.006704
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding, Accept
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 59ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2a286691-3b40-4e1e-89e5-f6dd69c812c3
X-Runtime: 0.002362
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 59ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3e8a7383-7659-4476-b553-78d16931023c
X-Runtime: 0.002396
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 65ms
36ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 22bf655c-cb70-4469-bc2a-0399f9672198
X-Runtime: 0.003015
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 65ms
36ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 63d3dc74-be0b-4475-9906-b4c5e1432be4
X-Runtime: 0.003075
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 64ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20browser_version%20%3D%20104&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a75d8450-edb8-4fe5-b783-6bd0e460ec17
X-Runtime: 0.002295
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 37ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: add4a3b5-05d4-4057-9821-d0446d1194ed
X-Runtime: 0.002302
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: af6505c8-ca7d-4111-835e-dd49c68eb171
X-Runtime: 0.001867
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 13f3b238-da0c-401a-b882-be914e8b1a00
X-Runtime: 0.002380
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 168a2054-b855-4bc6-aba9-84afb5e7092c
X-Runtime: 0.002058
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e34430cc-93f1-4d60-9d8b-5b537e6e82d4
X-Runtime: 0.001894
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bcdacb62-15a4-49b5-918c-a6596f740538
X-Runtime: 0.001892
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e52665fc-c68e-4c34-9ba3-918b1ca04288
X-Runtime: 0.002032
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4d2d1a51-7a64-40fc-8c2d-c4c171564834
X-Runtime: 0.002685
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bf790991-2edc-4e9c-9add-d000755c0ab6
X-Runtime: 0.002190
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
34ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1deec648-04e1-4e38-aab1-6f2f28c6f669
X-Runtime: 0.003855
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8df3e6fa-725a-4c40-9706-47646ab77c7f
X-Runtime: 0.002560
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=java_version_pl%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d1c594b9-04ee-4229-8f8c-9f56f809eb6d
X-Runtime: 0.001902
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: dc1ac1fe-6e94-46bd-9f93-6a30a8a2da60
X-Runtime: 0.001962
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=java_version_jres%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 9e693a15-09da-48e6-aa98-8acd06a93b53
X-Runtime: 0.002135
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=java_version%20%3D%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 934044e7-81d1-4970-8037-4b15674cdd59
X-Runtime: 0.002248
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20flash%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bd002844-198b-4e56-8f63-5c83754a0e0d
X-Runtime: 0.002326
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=flash%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 66f10e81-077a-4406-bf23-ea24cb7988f9
X-Runtime: 0.002266
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20pdf%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2eed0d1b-353e-49ab-a509-12b3869ece17
X-Runtime: 0.002030
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 44ad398f-11da-480e-a048-ac016b24ad97
X-Runtime: 0.001902
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=pdf%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bec36067-dcc7-4e20-a4f8-87736b3bd84c
X-Runtime: 0.002372
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20quicktime%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 9418da1d-2cc0-47cd-b194-48a23979026f
X-Runtime: 0.002915
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=quicktime%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2e21f863-6260-49ba-a797-e565ddf48022
X-Runtime: 0.002386
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20RealPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: db096c68-0ca3-4208-b3db-38ab9e33f3f2
X-Runtime: 0.002326
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=realplayer%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ab215af7-d9c3-4d13-9942-c29f3a37ef85
X-Runtime: 0.002190
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Silverlight%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0df3786e-5176-4b6b-8f84-8e6ce8bec5ce
X-Runtime: 0.001977
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=silverlight%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: eaba004f-67dd-441f-bd84-a3e10374b4f2
X-Runtime: 0.002162
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fdbd51bf-a09a-4c35-8caf-3158f1b04985
X-Runtime: 0.002284
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=wmp%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 163e61c5-81c6-4cde-8d81-ced0551eb835
X-Runtime: 0.002267
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=redirecting%20to%20%2Fload_training%3Fguid%3Db61dc7e9826735d1%26correlation_id%3D1c83ce17-b3a9-422e-9288-2cd471c6d932&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d7c74433-b89b-4f28-84e0-13621970849f
X-Runtime: 0.002218
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=1dc7e26735&msg=browser_post_successful&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: feaa8409-845a-4729-835c-b57f52d21b7a
X-Runtime: 0.002239
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK Primary Request load_training Show response
hr-internal.co/ 40 KB
15 KB 56ms
56ms Document
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/assets/all.js?g=1dc7e26735

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

4561f9d06ee7a039a004fd90baee232433a422995a0c4b663c5e594049025cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Aug 2022 14:08:25 GMT
ETag: W/"4561f9d06ee7a039a004fd90baee2324"
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 3ec8827e-7d7a-45c7-aafc-f4db394e1ecb
X-Runtime: 0.023349
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 94ms
30ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:07:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 14:08:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 14:08:26 GMT

GET
H/1.1 200
OK url.css
tslp.s3.amazonaws.com/training/embedded/css/ 6 KB
7 KB 187ms
185ms Stylesheet
text/css 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
Server: AmazonS3
x-amz-request-id: 9ZV2EF0TPXWE0H23
ETag: "0560febf38cfe916ab8ffbee8ce4e9fc"
x-amz-version-id: jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 6367
x-amz-id-2: agL8Ien1a9vKJdRz2cPf9IrGR+YLZumBhVY+QtbmW7wrJt0xs0Z2x6mmjrXVGYHOEGrFErqFPyU=

GET
H/1.1 200
OK langdrop.css
tslp.s3.amazonaws.com/training/teachable_moments/css/ 2 KB
2 KB 191ms
189ms Stylesheet
text/css 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT
Server: AmazonS3
x-amz-request-id: 9ZV6YHDFG65W2PJR
ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1713
x-amz-id-2: s0/L7g52foSVwuL0LZm6xfN6SmReOf4ku6++RWXEr5WTBoVfN+pX00LkIbsDU+q3URKaGK9HIPc=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 27ms
25ms Script
application/javascript 52.222.206.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Server: 52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 01:11:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 305839
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: AEm88kCgB9MEAExkx3Aop3Sg75eGCOtjFXo20lpFEP5JgCACoj2XrA==

GET
H/1.1 200
OK jquery.min.js Show response
hr-internal.co/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 34ms
33ms Script
application/javascript 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://hr-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Server: 99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 188ms
186ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 9ZV4JQ3AXA410QJ9
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: cygD0fsLVibffVhlPoIR8RLMb/VErA9N4nwjVG8Goq5WA0IWBQjsKuQHtSrVd7rTrQu6I4/Bc7Q=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 189ms
188ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: 9ZV3H9WJR4GT5NMW
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: Y4mjRyjbrz0aseRsOmj6HhaJ2COc/eT3RQutYAcHtkS3mNZTSdVIGyj/tnYMf4cNP/s/GnL947E=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

44ms
44ms

Script
application/javascript

2a02:26f0:6c00:29b::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

Server

2a02:26f0:6c00:29b::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 30 Aug 2022 14:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: 0.acba1002.1661868505.32c97541
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: b85274a8-529b-4517-852b-a0c05db569b3-003a160b
content-type: application/javascript
cache-control: public, max-age=86400
expires: Wed, 31 Aug 2022 14:08:26 GMT

Redirect headers

date: Tue, 30 Aug 2022 14:08:25 GMT
server: AkamaiGHost
akamai-grn: 0.acba1002.1661868505.32c974db
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 0
x-xss-protection: 1
expires: Wed, 31 Aug 2022 14:08:25 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 190ms
188ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: 9ZVDWBGWE7KAASHB
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: wBtylILboRSMXd0oATQz9dXsCSWS44hFuMQQuFEGByp5Emyoh0mi8xXPoFKJNUFPCm5JT33Zs4k=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 190ms
189ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: 9ZV9QTA5H41HNTTK
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: ihr0Ckl/0AMpc6QlmRB/YBR0dULQTcI98lzVh6YqhurKbanUx1aeTwH3AAfTaVsSkcnvcjpDJ9o=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 309ms
117ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: 2JW4FTSRGKZR0VM8
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: Ioywnqjih8KFeFqP0M398jTCcziSq3DQFh9atjh+zgdHeZN5wKWQAoW5adewcaEGsQRRRtOp5RU=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 310ms
118ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: 2JW9S042ZV1EWF1S
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: mygjsuV+0lTyIwAk4aWYhvPDLWHaAW5+VjjRPRzPuhmtkssHrLfo3lvQJwIPg941FGDh2TZlH8U=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 317ms
125ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: 2JW6EVCYE561DHPW
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: f+N3L6AqZEqsqI/HPUgJIjRfmzl5q+lUIThtu89C9212jtvOWrcC9RtNQdJZbNr64fq0Kg/LLns=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 320ms
128ms Script
text/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: 2JW3FYXRVV9GX4VM
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: c8d0dDa8caMxWqhWok5ij/sI31D0jGwWqp+6RY0LoxES/j/FexLclt/y83BESAT30npliPfkZkk=

GET
H/1.1 200
OK default.png
tslp.s3.amazonaws.com/training/embedded/ 10 KB
10 KB 123ms
122ms Image
image/png 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/embedded/default.png
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37c1bad24983b6ac3d9e31b8c76a814cea88f1300e1e24b2f0d15024c5bdedab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
Server: AmazonS3
x-amz-request-id: 2JW5C67PAR1GP0QT
ETag: "92a487c56c5c7db7a2bc18ce6bd7aa84"
x-amz-version-id: l47MsaK9zz9UtUnGwq3js.oNAplIyUY9
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 10034
x-amz-id-2: bE4T1zm/0T6zgvoRX9tozfWZmW/NFO8n83hRVqRrCJFM2IO0EWshCPXhUrNvfCDMLAzxNqp9hMc=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 25ms
24ms Script
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 18:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 18:46:06 GMT

GET
H/1.1 200
OK language.18071.js Show response
tslp.s3.amazonaws.com/languages/ 8 KB
8 KB 128ms
128ms Script
application/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: 2JWF67ETXQEMB958
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 8207
x-amz-id-2: /crXJOc24cyZ02CpRwgaX+QtXxeHxUgAuk9jmAhw03+YrM+m+vBX9Q+sOjw5WitS5wiMfGBKgL4=

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
811 B 259ms
154ms Script
application/javascript 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: 2JWC5K97QF45EZG2
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 352
x-amz-id-2: YNZJZ0sEvMWuCKAG60k0w7/qXSPWQKc8hApNBIsIE0drQS/qypPQRMPvWse4SwqrhXQ0UISxtt0=

GET
H/1.1 200
OK all.js Show response
hr-internal.co/assets/ 28 KB
7 KB 29ms
29ms Script
application/javascript 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://hr-internal.co/assets/all.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Server: 99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK hooks-a3eab7.png
tslp.s3.amazonaws.com/training/production/314/ 5 KB
5 KB 120ms
120ms Image
image/png 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:48 GMT
Server: AmazonS3
x-amz-request-id: 2JW9X3X7R3X0P30T
ETag: "3e598c505586e70346fa62d104dd540f"
x-amz-version-id: .YGCnRqbXkaDTSLNT7EWxvKvKu.lg1.r
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5003
x-amz-id-2: otqo9gzl/p/UqUaw/YZDSAR0gaDw0QnqXWlklkjeRgdoEQyt1ngho05+f9oiy+EQAuDroBZ7KMo=

GET
H/1.1 200
OK mail.png
d25q7gseii1o1q.cloudfront.net/training/fish/ 926 B
1 KB 88ms
22ms Image
image/png 13.32.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-209.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tslp.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 02:07:20 GMT
Via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 15:01:28 GMT
Server: AmazonS3
Age: 43267
ETag: "3c506b80d78539262795c9ba59a0631a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 926
X-Amz-Cf-Id: E-tXD2VuPEgOPKBhByVjXp3TyyJY9M28egN6WWQe1HaB24IP677bhw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 85ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://hr-internal.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 69482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 18:50:24 GMT

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3d19e046-924b-41d2-8218-5cca006d278d
X-Runtime: 0.001839
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1c7ef22e-7a30-4de9-ae3b-3d98ff6777a8
X-Runtime: 0.002450
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b08c0dab-4033-45a6-b988-770c844a8d6b
X-Runtime: 0.001888
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK en-us.json Show response
tslp.s3.amazonaws.com/training/embedded/translations/url/ 2 KB
2 KB 253ms
142ms XHR
application/json 52.217.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Server: 52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://hr-internal.co/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
ETag: "5113dad20241201a33ab81b33233bd01"
Last-Modified: Thu, 28 Jul 2022 16:04:00 GMT
Server: AmazonS3
x-amz-request-id: 2JWFJBF80B5F5Z8J
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: xV8j7ipjt7r5IXF867C5WtwFqd2iPiM7
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: application/json
Content-Length: 1895
x-amz-id-2: +DtQqah3z/C/kMkYmP70f4xLKxT8m3Dq/kTe2F7y0QPoZkiBei/mGV6kyTA58f56W5q17lrwMBA=

GET
H/1.1 200
OK log
hr-internal.co/ 0
702 B 33ms
32ms Image
image/gif 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=screenshot%20id%20exists%20with%20environment%20%3D%20production

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0b2c3cc8-4a96-4be4-826a-5d1f642e4023
X-Runtime: 0.002394
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK log
hr-internal.co/ 0
702 B 34ms
31ms Image
image/gif 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=screenshot_url%20%3D%20https%3A%2F%2Fts-content-eu.s3-eu-west-1.amazonaws.com%2Fproduction%2Fcampaign_emails%2F80acdd184e%2F1dc7e26735_screenshot.jpg

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 66d06bd5-6a5b-4352-9992-713287cc2a9b
X-Runtime: 0.002041
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK 1dc7e26735_screenshot.jpg
ts-content-eu.s3-eu-west-1.amazonaws.com/production/campaign_emails/80acdd184e/ 39 KB
39 KB 220ms
103ms Image
image/jpeg 52.218.120.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-content-eu.s3-eu-west-1.amazonaws.com/production/campaign_emails/80acdd184e/1dc7e26735_screenshot.jpg
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.120.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2265341b151271f164e9989c291e26feee59a359966806e445e226b40011266a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified: Tue, 30 Aug 2022 12:54:14 GMT
Server: AmazonS3
x-amz-request-id: 2JWBTY9QB5VM7PEM
ETag: "ed664eb9228eebb0d7c400240aa2fb7e"
Content-Type
Accept-Ranges: bytes
Content-Length: 39774
x-amz-id-2: XZE4jbePhO1Qcs8H1T7V87hQKDXseLK+5eCB6cUmkcZ7gyQX9y0UN6P5A1BtNT42OxcBL5UrJRQ=

GET
H/1.1 200
OK log
hr-internal.co/ 0
702 B 35ms
32ms Image
image/gif 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=logo_object%20does%20not%20exist

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a41b98a7-9aa6-4dc8-a51b-118b35d8f818
X-Runtime: 0.002172
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 36ms
34ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a326f359-e433-4e2e-9e69-b72652540da2
X-Runtime: 0.003187
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7c3c91d2-4aeb-49ce-9f79-b72c455d176f
X-Runtime: 0.001915
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 5bd498e9-8487-45eb-aff6-8679fd286e86
X-Runtime: 0.003194
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2ccf4ab1-7637-4745-8ab7-23d5a9b8effc
X-Runtime: 0.002639
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 31ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20browser_version%20%3D%20104&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 112b0051-5c8b-442a-894b-17d6f3fa1c72
X-Runtime: 0.002017
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3f0a14d6-b206-4827-813c-371bc14dfef6
X-Runtime: 0.002181
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d6ddb35e-92d0-4fa4-bb74-f1e7d8b1a237
X-Runtime: 0.001999
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 39ms
38ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7094ee5d-c93f-4a4e-bf2a-912605efd8d4
X-Runtime: 0.001962
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 40ms
39ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6fa3b1a5-edf5-40ed-a842-4b29134308ef
X-Runtime: 0.002386
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a65e651e-88c0-40f2-8aa1-77c4262d0787
X-Runtime: 0.001843
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4e986d3f-acab-4ae6-816f-eea7c9bc6388
X-Runtime: 0.002155
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b17a9bd9-0a52-4221-8774-a68f7860b7bc
X-Runtime: 0.001719
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 36ms
36ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bbd7085b-41c4-482e-a85f-4a275e6486df
X-Runtime: 0.002779
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 44ms
40ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a2080d92-52ab-42f0-858a-2f725080c132
X-Runtime: 0.005294
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 38ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7b8712d7-59b5-4a7c-aa6d-832498fd8682
X-Runtime: 0.002599
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 38ms
36ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d8dd2145-a843-45e5-ac2e-840b635224d3
X-Runtime: 0.002723
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 42ms
41ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version_pl%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d7e7c1e5-4508-4814-9a96-9e5ec74e2ec2
X-Runtime: 0.004184
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 19056155-a91e-41ee-8f3d-f1d45a6b8433
X-Runtime: 0.001697
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 38ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version_jres%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8f29b7be-4d25-4963-b977-097a51c15b07
X-Runtime: 0.007447
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 37ms
36ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version%20%3D%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fb887e6e-44a7-4b9f-abac-9b738ebd5855
X-Runtime: 0.002937
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20flash%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ecb6024c-ca92-4c6b-9662-5b0889723f50
X-Runtime: 0.002128
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 36ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=flash%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e33e9724-aec1-49cb-955d-a852c2750d80
X-Runtime: 0.002450
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 35ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20pdf%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4eaa5ae3-84df-4e4b-a613-74dcb8be2af6
X-Runtime: 0.004176
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 37ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 96d15737-a9f9-4eb1-92fc-d85272eb0da9
X-Runtime: 0.002747
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=pdf%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f823df34-439b-4fa8-b293-65559dedb712
X-Runtime: 0.001886
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 37ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20quicktime%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c30ea941-b26a-4712-833d-4bb842f9bc4f
X-Runtime: 0.005551
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 37ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=quicktime%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0fc4d576-d183-4923-9ee3-f9615bbbb1d7
X-Runtime: 0.003009
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 38ms
37ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20RealPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 15b0a34f-a9b2-449d-85fd-e02ac7081969
X-Runtime: 0.005950
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=realplayer%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 39c01642-c39f-44ff-8af2-f0be3e9d4c09
X-Runtime: 0.002431
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 40ms
38ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Silverlight%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 13ed1ad6-ed90-4515-bde7-f059ebdd0169
X-Runtime: 0.008067
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 33ms
32ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=silverlight%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 47ffae21-6dff-4723-984f-8e7cbcd6f579
X-Runtime: 0.001771
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 32ms
31ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3dbe604d-3cac-49c8-becb-dd24555ed3f2
X-Runtime: 0.002028
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 42ms
33ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=wmp%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6ddf6cdb-e1a9-4dc2-8799-261343e01215
X-Runtime: 0.003253
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 34ms
34ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=training_page_no_browser_post&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1b971509-f776-429b-a9e0-64aa94193e8f
X-Runtime: 0.002749
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
hr-internal.co/ 0
687 B 36ms
35ms Image
text/html 99.81.241.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=redirect_url%20is%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Requested by

Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Protocol

HTTP/1.1

Server

99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-241-47.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f5a8e02c-c636-4820-8a9f-bfce9352164f
X-Runtime: 0.001814
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 63ms
17ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: Q4SPG68346QHC2ZJ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: 18LOLvnfT7KSu+oo+YphKp5ycMEyY1hVzzcg9IIXeXpMLjw+SQaP2WHNVe56s2k1fhBaDPIfKTE=
x-served-by: cache-cdg20777-CDG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1661868507.847857,VS0,VE0
date: Tue, 30 Aug 2022 14:08:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4819

GET
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/1/ 49 B
715 B 460ms
393ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4b7a74eb40?a=1307428505&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1002&ck=1&ref=http://hr-internal.co/load_training&ap=23&be=80&fe=929&dc=653&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661868505864,%22n%22:0,%22u%22:59,%22ue%22:60,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:57,%22rpe%22:89,%22dl%22:60,%22di%22:653,%22ds%22:653,%22de%22:674,%22dc%22:929,%22l%22:929,%22le%22:930%7D,%22navigation%22:%7B%7D%7D&fp=422&fcp=422&jsonp=NREUM.setToken
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://hr-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 742e19386fa9d5cd-CDG

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/events/1/ 24 B
501 B 183ms
183ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4b7a74eb40?a=1307428505&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1469&ck=1&ref=http://hr-internal.co/load_training
Requested by: Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://hr-internal.co/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 30 Aug 2022 14:08:27 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://hr-internal.co
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 742e193aecffd5cd-CDG
Content-Length: 24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hr-internal.co
URL: https://hr-internal.co:49153/alt_pixel_click_1dc7e26735.gif?correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hr-internal.co/	1969-12-31 23:59:59	Name: EXFILGUID Value: 1dc7e26735
hr-internal.co/	1969-12-31 23:59:59	Name: link_clicked_1dc7e26735 Value: 1
java.com/	1970-01-20 05:37:48	Name: akaalb_OCE_Failover Value: 1661868564~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=87~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=cf08af83adedd9230b54f2ce97336605
www.java.com/	1970-01-20 05:37:48	Name: akaalb_OCE_Failover Value: 1661868564~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=37~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=f8f87326b0bd6f84512f3dd826aa82e6
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: fc451d85ef09c303

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
d25q7gseii1o1q.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hr-internal.co
java.com
js-agent.newrelic.com
ts-content-eu.s3-eu-west-1.amazonaws.com
tslp.s3.amazonaws.com
www.java.com
hr-internal.co
13.32.118.209
151.101.66.137
162.247.241.14
2a00:1450:4001:828::2003
2a00:1450:400e:80c::200a
2a02:26f0:6c00:29b::196
52.217.78.44
52.218.120.26
52.222.206.53
99.81.241.47
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22
2265341b151271f164e9989c291e26feee59a359966806e445e226b40011266a
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
37c1bad24983b6ac3d9e31b8c76a814cea88f1300e1e24b2f0d15024c5bdedab
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4561f9d06ee7a039a004fd90baee232433a422995a0c4b663c5e594049025cc0
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dfd3b2227498a72587c6d7e18a3a62782a9c0d1192debdad1c2067a053ead15f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

hr-internal.co Open in urlscan Pro 99.81.241.47 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

24 %HTTPS

30 %IPv6

8 Domains

12 Subdomains

11 IPs

3 Countries

666 kBTransfer

933 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hr-internal.co Open in urlscan Pro
99.81.241.47 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

24 %
HTTPS

30 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

666 kB
Transfer

933 kB
Size

5
Cookies

119 HTTP transactions
0 data transactions