Submitted URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Effective URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Submission: On August 30 via manual from FR — Scanned from FR

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 119 HTTP transactions. The main IP is 99.81.241.47, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is hr-internal.co.
This is the only time hr-internal.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

IP Address AS Autonomous System
83 99.81.241.47 16509 (AMAZON-02)
23 52.217.78.44 16509 (AMAZON-02)
2 4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.222.206.53 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.118.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.218.120.26 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
119 11
Apex Domain
Subdomains
Transfer
83 hr-internal.co
hr-internal.co
159 KB
24 amazonaws.com
tslp.s3.amazonaws.com — Cisco Umbrella Rank: 149626
ts-content-eu.s3-eu-west-1.amazonaws.com
389 KB
4 java.com
java.com — Cisco Umbrella Rank: 27594
www.java.com — Cisco Umbrella Rank: 43705
12 KB
3 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
d25q7gseii1o1q.cloudfront.net
8 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 259
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
ajax.googleapis.com — Cisco Umbrella Rank: 286
34 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 365
18 KB
1 gstatic.com
fonts.gstatic.com
44 KB
119 8
Domain Requested by
83 hr-internal.co hr-internal.co
23 tslp.s3.amazonaws.com hr-internal.co
tslp.s3.amazonaws.com
2 bam.nr-data.net hr-internal.co
2 d2wy8f7a9ursnm.cloudfront.net hr-internal.co
2 www.java.com hr-internal.co
2 java.com 2 redirects
1 js-agent.newrelic.com hr-internal.co
1 ts-content-eu.s3-eu-west-1.amazonaws.com hr-internal.co
1 fonts.gstatic.com fonts.googleapis.com
1 d25q7gseii1o1q.cloudfront.net tslp.s3.amazonaws.com
1 ajax.googleapis.com hr-internal.co
1 fonts.googleapis.com hr-internal.co
119 12

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com
Subject Issuer Validity Valid
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon
2021-12-17 -
2022-12-07
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 1 frames:

Primary Page: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Frame ID: D753EB3BFCC815886BEC1CCF0DBB2354
Requests: 119 HTTP requests in this frame

Screenshot

Page Title

You have been Phished!

Page URL History Show full URLs

  1. http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35 Page URL
  2. http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

24 %
HTTPS

30 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

666 kB
Transfer

933 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35 Page URL
  2. http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js
Request Chain 57
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js

119 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
351dc7ef826735f6
hr-internal.co/2022-EvolRemun_COMEX.xlsx/
35 KB
12 KB
Document
General
Full URL
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
dfd3b2227498a72587c6d7e18a3a62782a9c0d1192debdad1c2067a053ead15f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Aug 2022 14:08:24 GMT
ETag
W/"dfd3b2227498a72587c6d7e18a3a6278"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
9fd54bcf-5501-4a09-8c60-2812f59a6094
X-Runtime
0.016285
X-XSS-Protection
1; mode=block
alt_pixel_click_1dc7e26735.gif
hr-internal.co/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
YYQ5SRRDQVTKGPD7
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
nUtpULfqKv0XYZeogeA2XN2VFeyeXmqddjykRT9mLKipSQpX20YepEPfKrPwYo5wW0nPyXHdfac=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
YYQEQFBGFFFR5242
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
nq4lQsiiSUYgQFunU1e3hyCP0bNq1UGoxpYnmbIzIehKQydOAVmOb09poTCON2posOwvf9HPW2c=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
H2
Server
2a02:26f0:6c00:29b::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Tue, 30 Aug 2022 14:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
0.acba1002.1661868504.32c96a1b
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
b85274a8-529b-4517-852b-a0c05db569b3-003a160b
content-type
application/javascript
cache-control
public, max-age=86400
expires
Wed, 31 Aug 2022 14:08:24 GMT

Redirect headers

date
Tue, 30 Aug 2022 14:08:24 GMT
server
AkamaiGHost
akamai-grn
0.acba1002.1661868504.32c968e4
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
0
x-xss-protection
1
expires
Wed, 31 Aug 2022 14:08:24 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
YYQ9KJ28XRJGFH8Z
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
g3izQd15+FxCskGWSWD25h38wqsbkFpdb8SWRU76qfXrVXS+TlwzMUy/hOyYAVV4eriXdmWgaiI=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
YYQCPP5NS1W9WW12
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
PC9WhzmSxrCJGMI4tDm9RIly7yByEa61VpNAlVuqNSIKMYzH5ioSR0MPHSddJ8IsHn3IyoWua/w=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
YYQDJ31574B13FXJ
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
5rh7mtNp2oDa4cnP5RX3m/EJQ+2azrKrBCIfrZpsFEWCw6HfKt6yfMwH2QzVwcihPu+QtztqGtQ=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
YYQ3YZP998BQ3RRK
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
Pjv5zuHsq3/y/bHzBpNrNgPaY5/OEDIKQiNExjRSx9Y0o4ZllZZ93PbfTMdiYfY+wGRl4pD4NhM=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
YYQ2JEBB2AMXCZ2V
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
ewhxXeylSGXK4lctNeM0VSXnBaB63jm7XSTW7MEAsNvLcByy3lGCzuUufVXDKbBLmRA5hIpaOHU=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
YYQ00MDCJ35K8FMW
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
bO/R8tkpi6ys+G8qhuz2hfNQ3E0PX6JIhokaUXrOPhThrKvhq6PKFMq0WRndeTZrPU5DdM8T3wo=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 01:11:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
305838
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
Ptuelz7bV7UR8XJsSnsNaPBAIjczVUiF2CZggBMtnVVwVSDLpylBzg==
jquery.min.js
hr-internal.co/assets/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
http://hr-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:02:01 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
hr-internal.co/assets/
28 KB
7 KB
Script
General
Full URL
http://hr-internal.co/assets/all.js?g=1dc7e26735
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
browser_post
hr-internal.co/secure/
0
716 B
XHR
General
Full URL
http://hr-internal.co/secure/browser_post
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
XQ4GVVFACQAAU1VQDwQHUw==
tracestate
1506924@nr=0-1-98147-1307432040-6f225451c9c12be8----1661868504862
traceparent
00-30c65cad73e7b1800303c0d438d542c8-6f225451c9c12be8-01
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NDMyMDQwIiwiaWQiOiI2ZjIyNTQ1MWM5YzEyYmU4IiwidHIiOiIzMGM2NWNhZDczZTdiMTgwMDMwM2MwZDQzOGQ1NDJjOCIsInRpIjoxNjYxODY4NTA0ODYyLCJ0ayI6IjE1MDY5MjQifX0=
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
X-Requested-With
XMLHttpRequest

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
70a788eb-8264-475a-8cdf-b896ec5f5201
X-Runtime
0.006704
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2a286691-3b40-4e1e-89e5-f6dd69c812c3
X-Runtime
0.002362
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3e8a7383-7659-4476-b553-78d16931023c
X-Runtime
0.002396
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
22bf655c-cb70-4469-bc2a-0399f9672198
X-Runtime
0.003015
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
63d3dc74-be0b-4475-9906-b4c5e1432be4
X-Runtime
0.003075
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20browser_version%20%3D%20104&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a75d8450-edb8-4fe5-b783-6bd0e460ec17
X-Runtime
0.002295
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
add4a3b5-05d4-4057-9821-d0446d1194ed
X-Runtime
0.002302
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
af6505c8-ca7d-4111-835e-dd49c68eb171
X-Runtime
0.001867
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
13f3b238-da0c-401a-b882-be914e8b1a00
X-Runtime
0.002380
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
168a2054-b855-4bc6-aba9-84afb5e7092c
X-Runtime
0.002058
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e34430cc-93f1-4d60-9d8b-5b537e6e82d4
X-Runtime
0.001894
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bcdacb62-15a4-49b5-918c-a6596f740538
X-Runtime
0.001892
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e52665fc-c68e-4c34-9ba3-918b1ca04288
X-Runtime
0.002032
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4d2d1a51-7a64-40fc-8c2d-c4c171564834
X-Runtime
0.002685
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bf790991-2edc-4e9c-9add-d000755c0ab6
X-Runtime
0.002190
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1deec648-04e1-4e38-aab1-6f2f28c6f669
X-Runtime
0.003855
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8df3e6fa-725a-4c40-9706-47646ab77c7f
X-Runtime
0.002560
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=java_version_pl%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d1c594b9-04ee-4229-8f8c-9f56f809eb6d
X-Runtime
0.001902
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
dc1ac1fe-6e94-46bd-9f93-6a30a8a2da60
X-Runtime
0.001962
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=java_version_jres%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
9e693a15-09da-48e6-aa98-8acd06a93b53
X-Runtime
0.002135
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=java_version%20%3D%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
934044e7-81d1-4970-8037-4b15674cdd59
X-Runtime
0.002248
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20flash%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bd002844-198b-4e56-8f63-5c83754a0e0d
X-Runtime
0.002326
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=flash%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
66f10e81-077a-4406-bf23-ea24cb7988f9
X-Runtime
0.002266
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20pdf%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2eed0d1b-353e-49ab-a509-12b3869ece17
X-Runtime
0.002030
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
44ad398f-11da-480e-a048-ac016b24ad97
X-Runtime
0.001902
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=pdf%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bec36067-dcc7-4e20-a4f8-87736b3bd84c
X-Runtime
0.002372
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20quicktime%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
9418da1d-2cc0-47cd-b194-48a23979026f
X-Runtime
0.002915
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=quicktime%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2e21f863-6260-49ba-a797-e565ddf48022
X-Runtime
0.002386
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20RealPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
db096c68-0ca3-4208-b3db-38ab9e33f3f2
X-Runtime
0.002326
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=realplayer%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ab215af7-d9c3-4d13-9942-c29f3a37ef85
X-Runtime
0.002190
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20Silverlight%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0df3786e-5176-4b6b-8f84-8e6ce8bec5ce
X-Runtime
0.001977
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=silverlight%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
eaba004f-67dd-441f-bd84-a3e10374b4f2
X-Runtime
0.002162
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
fdbd51bf-a09a-4c35-8caf-3158f1b04985
X-Runtime
0.002284
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=wmp%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
163e61c5-81c6-4cde-8d81-ced0551eb835
X-Runtime
0.002267
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=redirecting%20to%20%2Fload_training%3Fguid%3Db61dc7e9826735d1%26correlation_id%3D1c83ce17-b3a9-422e-9288-2cd471c6d932&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d7c74433-b89b-4f28-84e0-13621970849f
X-Runtime
0.002218
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=1dc7e26735&msg=browser_post_successful&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
feaa8409-845a-4729-835c-b57f52d21b7a
X-Runtime
0.002239
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Primary Request load_training
hr-internal.co/
40 KB
15 KB
Document
General
Full URL
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/assets/all.js?g=1dc7e26735
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
4561f9d06ee7a039a004fd90baee232433a422995a0c4b663c5e594049025cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hr-internal.co/2022-EvolRemun_COMEX.xlsx/351dc7ef826735f6?l=35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Aug 2022 14:08:25 GMT
ETag
W/"4561f9d06ee7a039a004fd90baee2324"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
3ec8827e-7d7a-45c7-aafc-f4db394e1ecb
X-Runtime
0.023349
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 14:07:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Aug 2022 14:08:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Aug 2022 14:08:26 GMT
url.css
tslp.s3.amazonaws.com/training/embedded/css/
6 KB
7 KB
Stylesheet
General
Full URL
https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:46 GMT
Server
AmazonS3
x-amz-request-id
9ZV2EF0TPXWE0H23
ETag
"0560febf38cfe916ab8ffbee8ce4e9fc"
x-amz-version-id
jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
6367
x-amz-id-2
agL8Ien1a9vKJdRz2cPf9IrGR+YLZumBhVY+QtbmW7wrJt0xs0Z2x6mmjrXVGYHOEGrFErqFPyU=
langdrop.css
tslp.s3.amazonaws.com/training/teachable_moments/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:49 GMT
Server
AmazonS3
x-amz-request-id
9ZV6YHDFG65W2PJR
ETag
"bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-version-id
OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1713
x-amz-id-2
s0/L7g52foSVwuL0LZm6xfN6SmReOf4ku6++RWXEr5WTBoVfN+pX00LkIbsDU+q3URKaGK9HIPc=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 01:11:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
305839
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
AEm88kCgB9MEAExkx3Aop3Sg75eGCOtjFXo20lpFEP5JgCACoj2XrA==
jquery.min.js
hr-internal.co/assets/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
http://hr-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
9ZV4JQ3AXA410QJ9
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
cygD0fsLVibffVhlPoIR8RLMb/VErA9N4nwjVG8Goq5WA0IWBQjsKuQHtSrVd7rTrQu6I4/Bc7Q=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
9ZV3H9WJR4GT5NMW
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
Y4mjRyjbrz0aseRsOmj6HhaJ2COc/eT3RQutYAcHtkS3mNZTSdVIGyj/tnYMf4cNP/s/GnL947E=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
H2
Server
2a02:26f0:6c00:29b::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Tue, 30 Aug 2022 14:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
0.acba1002.1661868505.32c97541
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
b85274a8-529b-4517-852b-a0c05db569b3-003a160b
content-type
application/javascript
cache-control
public, max-age=86400
expires
Wed, 31 Aug 2022 14:08:26 GMT

Redirect headers

date
Tue, 30 Aug 2022 14:08:25 GMT
server
AkamaiGHost
akamai-grn
0.acba1002.1661868505.32c974db
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
0
x-xss-protection
1
expires
Wed, 31 Aug 2022 14:08:25 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
9ZVDWBGWE7KAASHB
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
wBtylILboRSMXd0oATQz9dXsCSWS44hFuMQQuFEGByp5Emyoh0mi8xXPoFKJNUFPCm5JT33Zs4k=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
9ZV9QTA5H41HNTTK
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
ihr0Ckl/0AMpc6QlmRB/YBR0dULQTcI98lzVh6YqhurKbanUx1aeTwH3AAfTaVsSkcnvcjpDJ9o=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
2JW4FTSRGKZR0VM8
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
Ioywnqjih8KFeFqP0M398jTCcziSq3DQFh9atjh+zgdHeZN5wKWQAoW5adewcaEGsQRRRtOp5RU=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
2JW9S042ZV1EWF1S
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
mygjsuV+0lTyIwAk4aWYhvPDLWHaAW5+VjjRPRzPuhmtkssHrLfo3lvQJwIPg941FGDh2TZlH8U=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
2JW6EVCYE561DHPW
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
f+N3L6AqZEqsqI/HPUgJIjRfmzl5q+lUIThtu89C9212jtvOWrcC9RtNQdJZbNr64fq0Kg/LLns=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
2JW3FYXRVV9GX4VM
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
c8d0dDa8caMxWqhWok5ij/sI31D0jGwWqp+6RY0LoxES/j/FexLclt/y83BESAT30npliPfkZkk=
default.png
tslp.s3.amazonaws.com/training/embedded/
10 KB
10 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/embedded/default.png
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
37c1bad24983b6ac3d9e31b8c76a814cea88f1300e1e24b2f0d15024c5bdedab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:46 GMT
Server
AmazonS3
x-amz-request-id
2JW5C67PAR1GP0QT
ETag
"92a487c56c5c7db7a2bc18ce6bd7aa84"
x-amz-version-id
l47MsaK9zz9UtUnGwq3js.oNAplIyUY9
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
10034
x-amz-id-2
bE4T1zm/0T6zgvoRX9tozfWZmW/NFO8n83hRVqRrCJFM2IO0EWshCPXhUrNvfCDMLAzxNqp9hMc=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 18:46:06 GMT
language.18071.js
tslp.s3.amazonaws.com/languages/
8 KB
8 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
2JWF67ETXQEMB958
ETag
"8b9a9d305bd69c962b600c08f3c69edf"
x-amz-version-id
U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
8207
x-amz-id-2
/crXJOc24cyZ02CpRwgaX+QtXxeHxUgAuk9jmAhw03+YrM+m+vBX9Q+sOjw5WitS5wiMfGBKgL4=
training.js
tslp.s3.amazonaws.com/assets/js/
352 B
811 B
Script
General
Full URL
http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
2JWC5K97QF45EZG2
ETag
"029ab28ca3c245dc425e3f3f6599d480"
x-amz-version-id
6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
352
x-amz-id-2
YNZJZ0sEvMWuCKAG60k0w7/qXSPWQKc8hApNBIsIE0drQS/qypPQRMPvWse4SwqrhXQ0UISxtt0=
all.js
hr-internal.co/assets/
28 KB
7 KB
Script
General
Full URL
http://hr-internal.co/assets/all.js?guid=1dc7e26735&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hooks-a3eab7.png
tslp.s3.amazonaws.com/training/production/314/
5 KB
5 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
Requested by
Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tslp.s3.amazonaws.com/training/embedded/css/url.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Fri, 26 Aug 2022 14:07:48 GMT
Server
AmazonS3
x-amz-request-id
2JW9X3X7R3X0P30T
ETag
"3e598c505586e70346fa62d104dd540f"
x-amz-version-id
.YGCnRqbXkaDTSLNT7EWxvKvKu.lg1.r
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5003
x-amz-id-2
otqo9gzl/p/UqUaw/YZDSAR0gaDw0QnqXWlklkjeRgdoEQyt1ngho05+f9oiy+EQAuDroBZ7KMo=
mail.png
d25q7gseii1o1q.cloudfront.net/training/fish/
926 B
1 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
Requested by
Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-209.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tslp.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 02:07:20 GMT
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 15:01:28 GMT
Server
AmazonS3
Age
43267
ETag
"3c506b80d78539262795c9ba59a0631a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
926
X-Amz-Cf-Id
E-tXD2VuPEgOPKBhByVjXp3TyyJY9M28egN6WWQe1HaB24IP677bhw==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://hr-internal.co
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 18:50:24 GMT
x-content-type-options
nosniff
age
69482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 18:50:24 GMT
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3d19e046-924b-41d2-8218-5cca006d278d
X-Runtime
0.001839
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1c7ef22e-7a30-4de9-ae3b-3d98ff6777a8
X-Runtime
0.002450
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b08c0dab-4033-45a6-b988-770c844a8d6b
X-Runtime
0.001888
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
en-us.json
tslp.s3.amazonaws.com/training/embedded/translations/url/
2 KB
2 KB
XHR
General
Full URL
http://tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
52.217.78.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://hr-internal.co/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
ETag
"5113dad20241201a33ab81b33233bd01"
Last-Modified
Thu, 28 Jul 2022 16:04:00 GMT
Server
AmazonS3
x-amz-request-id
2JWFJBF80B5F5Z8J
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
xV8j7ipjt7r5IXF867C5WtwFqd2iPiM7
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/json
Content-Length
1895
x-amz-id-2
+DtQqah3z/C/kMkYmP70f4xLKxT8m3Dq/kTe2F7y0QPoZkiBei/mGV6kyTA58f56W5q17lrwMBA=
log
hr-internal.co/
0
702 B
Image
General
Full URL
http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=screenshot%20id%20exists%20with%20environment%20%3D%20production
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0b2c3cc8-4a96-4be4-826a-5d1f642e4023
X-Runtime
0.002394
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
log
hr-internal.co/
0
702 B
Image
General
Full URL
http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=screenshot_url%20%3D%20https%3A%2F%2Fts-content-eu.s3-eu-west-1.amazonaws.com%2Fproduction%2Fcampaign_emails%2F80acdd184e%2F1dc7e26735_screenshot.jpg
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
66d06bd5-6a5b-4352-9992-713287cc2a9b
X-Runtime
0.002041
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
1dc7e26735_screenshot.jpg
ts-content-eu.s3-eu-west-1.amazonaws.com/production/campaign_emails/80acdd184e/
39 KB
39 KB
Image
General
Full URL
https://ts-content-eu.s3-eu-west-1.amazonaws.com/production/campaign_emails/80acdd184e/1dc7e26735_screenshot.jpg
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.120.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2265341b151271f164e9989c291e26feee59a359966806e445e226b40011266a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 30 Aug 2022 14:08:27 GMT
Last-Modified
Tue, 30 Aug 2022 12:54:14 GMT
Server
AmazonS3
x-amz-request-id
2JWBTY9QB5VM7PEM
ETag
"ed664eb9228eebb0d7c400240aa2fb7e"
Content-Type
Accept-Ranges
bytes
Content-Length
39774
x-amz-id-2
XZE4jbePhO1Qcs8H1T7V87hQKDXseLK+5eCB6cUmkcZ7gyQX9y0UN6P5A1BtNT42OxcBL5UrJRQ=
log
hr-internal.co/
0
702 B
Image
General
Full URL
http://hr-internal.co/log?id=1dc7e26735&campaign_guid=80acdd184e&msg=logo_object%20does%20not%20exist
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a41b98a7-9aa6-4dc8-a51b-118b35d8f818
X-Runtime
0.002172
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a326f359-e433-4e2e-9e69-b72652540da2
X-Runtime
0.003187
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7c3c91d2-4aeb-49ce-9f79-b72c455d176f
X-Runtime
0.001915
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5bd498e9-8487-45eb-aff6-8679fd286e86
X-Runtime
0.003194
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2ccf4ab1-7637-4745-8ab7-23d5a9b8effc
X-Runtime
0.002639
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20browser_version%20%3D%20104&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
112b0051-5c8b-442a-894b-17d6f3fa1c72
X-Runtime
0.002017
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3f0a14d6-b206-4827-813c-371bc14dfef6
X-Runtime
0.002181
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d6ddb35e-92d0-4fa4-bb74-f1e7d8b1a237
X-Runtime
0.001999
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7094ee5d-c93f-4a4e-bf2a-912605efd8d4
X-Runtime
0.001962
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6fa3b1a5-edf5-40ed-a842-4b29134308ef
X-Runtime
0.002386
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a65e651e-88c0-40f2-8aa1-77c4262d0787
X-Runtime
0.001843
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4e986d3f-acab-4ae6-816f-eea7c9bc6388
X-Runtime
0.002155
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b17a9bd9-0a52-4221-8774-a68f7860b7bc
X-Runtime
0.001719
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bbd7085b-41c4-482e-a85f-4a275e6486df
X-Runtime
0.002779
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a2080d92-52ab-42f0-858a-2f725080c132
X-Runtime
0.005294
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7b8712d7-59b5-4a7c-aa6d-832498fd8682
X-Runtime
0.002599
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d8dd2145-a843-45e5-ac2e-840b635224d3
X-Runtime
0.002723
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version_pl%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d7e7c1e5-4508-4814-9a96-9e5ec74e2ec2
X-Runtime
0.004184
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
19056155-a91e-41ee-8f3d-f1d45a6b8433
X-Runtime
0.001697
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version_jres%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8f29b7be-4d25-4963-b977-097a51c15b07
X-Runtime
0.007447
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=java_version%20%3D%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
fb887e6e-44a7-4b9f-abac-9b738ebd5855
X-Runtime
0.002937
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20flash%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ecb6024c-ca92-4c6b-9662-5b0889723f50
X-Runtime
0.002128
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=flash%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e33e9724-aec1-49cb-955d-a852c2750d80
X-Runtime
0.002450
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20pdf%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4eaa5ae3-84df-4e4b-a613-74dcb8be2af6
X-Runtime
0.004176
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
96d15737-a9f9-4eb1-92fc-d85272eb0da9
X-Runtime
0.002747
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=pdf%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f823df34-439b-4fa8-b293-65559dedb712
X-Runtime
0.001886
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20quicktime%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c30ea941-b26a-4712-833d-4bb842f9bc4f
X-Runtime
0.005551
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=quicktime%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0fc4d576-d183-4923-9ee3-f9615bbbb1d7
X-Runtime
0.003009
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20RealPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
15b0a34f-a9b2-449d-85fd-e02ac7081969
X-Runtime
0.005950
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=realplayer%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
39c01642-c39f-44ff-8af2-f0be3e9d4c09
X-Runtime
0.002431
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20Silverlight%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
13ed1ad6-ed90-4515-bde7-f059ebdd0169
X-Runtime
0.008067
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=silverlight%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
47ffae21-6dff-4723-984f-8e7cbcd6f579
X-Runtime
0.001771
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3dbe604d-3cac-49c8-becb-dd24555ed3f2
X-Runtime
0.002028
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=wmp%20%3D%20unknown&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6ddf6cdb-e1a9-4dc2-8799-261343e01215
X-Runtime
0.003253
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=training_page_no_browser_post&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1b971509-f776-429b-a9e0-64aa94193e8f
X-Runtime
0.002749
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
hr-internal.co/
0
687 B
Image
General
Full URL
http://hr-internal.co/trace?id=b61dc7e9826735d1&msg=redirect_url%20is%20undefined&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Server
99.81.241.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-241-47.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f5a8e02c-c636-4820-8a9f-bfce9352164f
X-Runtime
0.001814
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
Q4SPG68346QHC2ZJ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
18LOLvnfT7KSu+oo+YphKp5ycMEyY1hVzzcg9IIXeXpMLjw+SQaP2WHNVe56s2k1fhBaDPIfKTE=
x-served-by
cache-cdg20777-CDG
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1661868507.847857,VS0,VE0
date
Tue, 30 Aug 2022 14:08:26 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4819
4b7a74eb40
bam.nr-data.net/1/
49 B
715 B
Script
General
Full URL
https://bam.nr-data.net/1/4b7a74eb40?a=1307428505&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1002&ck=1&ref=http://hr-internal.co/load_training&ap=23&be=80&fe=929&dc=653&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661868505864,%22n%22:0,%22u%22:59,%22ue%22:60,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:57,%22rpe%22:89,%22dl%22:60,%22di%22:653,%22ds%22:653,%22de%22:674,%22dc%22:929,%22l%22:929,%22le%22:930%7D,%22navigation%22:%7B%7D%7D&fp=422&fcp=422&jsonp=NREUM.setToken
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://hr-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
742e19386fa9d5cd-CDG
4b7a74eb40
bam.nr-data.net/events/1/
24 B
501 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/4b7a74eb40?a=1307428505&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1469&ck=1&ref=http://hr-internal.co/load_training
Requested by
Host: hr-internal.co
URL: http://hr-internal.co/load_training?guid=b61dc7e9826735d1&correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
http://hr-internal.co/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 30 Aug 2022 14:08:27 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://hr-internal.co
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
742e193aecffd5cd-CDG
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hr-internal.co
URL
https://hr-internal.co:49153/alt_pixel_click_1dc7e26735.gif?correlation_id=1c83ce17-b3a9-422e-9288-2cd471c6d932

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| NREUM object| newrelic function| __nr_require object| Bugsnag string| training_page function| $ function| jQuery object| PluginDetect object| detector object| j string| version_regex_base string| version_regex_strict string| version_regex_with_family_modifier object| deployJava object| plugin_detector string| account_logo string| campaign_guid string| company_name string| company_name_possessive string| content_bucket string| correlation_id string| environment string| from_email_address string| subject_line string| target_guid string| template string| language_base_path function| updatePage function| switchLanguage function| sortLanguages function| log_event object| BrowserDetect object| $_GET object| regex object| items string| last string| base_post_url function| log_error function| log_to_console function| log_message boolean| fingerprinted string| tracking_id function| strip function| secureSubmitWithGuid function| secureSubmit function| findUsername function| checkPassword function| secureLogAndRedirect function| sendFingerprint function| imageSender function| sendIndividually function| loadAllInfo object| local_addresses function| redirector function| rewriteLinks function| isFormValid object| img string| s

5 Cookies

Domain/Path Name / Value
hr-internal.co/ Name: EXFILGUID
Value: 1dc7e26735
hr-internal.co/ Name: link_clicked_1dc7e26735
Value: 1
java.com/ Name: akaalb_OCE_Failover
Value: 1661868564~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=87~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=cf08af83adedd9230b54f2ce97336605
www.java.com/ Name: akaalb_OCE_Failover
Value: 1661868564~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=37~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=f8f87326b0bd6f84512f3dd826aa82e6
.nr-data.net/ Name: JSESSIONID
Value: fc451d85ef09c303

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
d25q7gseii1o1q.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hr-internal.co
java.com
js-agent.newrelic.com
ts-content-eu.s3-eu-west-1.amazonaws.com
tslp.s3.amazonaws.com
www.java.com
hr-internal.co
13.32.118.209
151.101.66.137
162.247.241.14
2a00:1450:4001:828::2003
2a00:1450:400e:80c::200a
2a02:26f0:6c00:29b::196
52.217.78.44
52.218.120.26
52.222.206.53
99.81.241.47
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22
2265341b151271f164e9989c291e26feee59a359966806e445e226b40011266a
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
37c1bad24983b6ac3d9e31b8c76a814cea88f1300e1e24b2f0d15024c5bdedab
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4561f9d06ee7a039a004fd90baee232433a422995a0c4b663c5e594049025cc0
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dfd3b2227498a72587c6d7e18a3a62782a9c0d1192debdad1c2067a053ead15f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729