www.varian.com
151.101.38.133

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Effective URL:
https://www.varian.com/you-have-been-phished-vit
Submission: On June 26 via manual (June 26th 2019, 11:30:04 am UTC) from SG

Summary HTTP 114 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 114 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.

This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.31.150.82 52.31.150.82	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:f1:... 2a02:26f0:f1:281::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.149.64 52.222.149.64	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.186.205.6 35.186.205.6	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
29	34.248.190.238 34.248.190.238	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
38	151.101.38.133 151.101.38.133	54113 (FASTLY) (FASTLY - Fastly)
2	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY - Fastly)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.208.178.139 52.208.178.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700:20:... 2606:4700:20::6819:8a76	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.222.157.214 52.222.157.214	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.211.94.188 52.211.94.188	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.157.75 52.222.157.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.213.63.19 52.213.63.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.157.125 52.222.157.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	52.222.149.144 52.222.149.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.194.52.254 34.194.52.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	54.76.203.99 54.76.203.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.72.143.230 54.72.143.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
114	27

3 52.31.150.82 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

www.hr-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:281::196 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.64 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-64.fra53.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.205.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 6.205.186.35.bc.googleusercontent.com

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 34.248.190.238 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

www.hr-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.38.133 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

www.varian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.178.139 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-178-139.eu-west-1.compute.amazonaws.com

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:8a76 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.214 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-214.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.94.188 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-94-188.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-75.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.63.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-63-19.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-125.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:109:c002::6cae:a0a (United States) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-144.fra53.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.52.254 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-52-254.compute-1.amazonaws.com

us2.siteimprove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.76.203.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.143.230 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-143-230.eu-west-1.compute.amazonaws.com

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	varian.com www.varian.com	983 KB
32	hr-internal.co www.hr-internal.co	26 KB
6	trustarc.com consent.trustarc.com consent-pref.trustarc.com	23 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	3 KB
4	jsdelivr.net cdn.jsdelivr.net	50 KB
4	google-analytics.com www.google-analytics.com	18 KB
2	bidr.io 2 redirects match.prod.bidr.io	707 B
2	company-target.com api.company-target.com segments.company-target.com	2 KB
2	pardot.com pi.pardot.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	18 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d6tizftlrpuof.cloudfront.net	6 KB
1	siteimprove.com us2.siteimprove.com	406 B
1	rlcdn.com id.rlcdn.com	62 B
1	usabilla.com w.usabilla.com	10 KB
1	licdn.com snap.licdn.com	5 KB
1	demandbase.com scripts.demandbase.com	15 KB
1	siteimproveanalytics.com siteimproveanalytics.com	8 KB
1	truste.com consent.truste.com	2 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	aspnetcdn.com ajax.aspnetcdn.com	32 KB
1	bugsnag.com notify.bugsnag.com	110 B
1	googleapis.com ajax.googleapis.com	33 KB
1	java.com java.com	18 KB
0	amazonaws.com Failed tslp.s3.amazonaws.com Failed
114	24

	Domain	Requested by
38	www.varian.com	www.varian.com ajax.aspnetcdn.com
32	www.hr-internal.co	www.hr-internal.co ajax.googleapis.com
5	consent.trustarc.com	consent.truste.com
4	cdn.jsdelivr.net	www.varian.com
4	www.google-analytics.com	www.hr-internal.co www.varian.com
3	px.ads.linkedin.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	pi.pardot.com	www.varian.com pi.pardot.com
2	cdnjs.cloudflare.com	www.varian.com
1	consent-pref.trustarc.com	consent.trustarc.com
1	us2.siteimprove.com
1	d6tizftlrpuof.cloudfront.net	www.varian.com
1	www.linkedin.com	1 redirects
1	id.rlcdn.com
1	segments.company-target.com
1	api.company-target.com	scripts.demandbase.com
1	w.usabilla.com	www.varian.com
1	snap.licdn.com	www.varian.com
1	scripts.demandbase.com	www.varian.com
1	siteimproveanalytics.com	www.varian.com
1	consent.truste.com	www.varian.com
1	www.googletagmanager.com	www.varian.com
1	ajax.aspnetcdn.com	www.varian.com
1	notify.bugsnag.com	www.hr-internal.co
1	ajax.googleapis.com	www.hr-internal.co
1	d2wy8f7a9ursnm.cloudfront.net	www.hr-internal.co
1	java.com	www.hr-internal.co
0	tslp.s3.amazonaws.com Failed	www.hr-internal.co
114	28

This site contains links to these domains. Also see Links.

Domain
www.myvarian.com
patient.varian.com
investors.varian.com
medicalaffairs.varian.com
newsroom.varian.com
www.linkedin.com
twitter.com
www.facebook.com
teamup.varian.com

Subject Issuer	Validity	Valid
www.java.com DigiCert ECC Extended Validation Server CA	`2018-02-21` - `2020-02-21`	2 years	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.bugsnag.com COMODO RSA Domain Validation Secure Server CA	`2018-05-18` - `2020-06-01`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
varian.com DigiCert SHA2 Secure Server CA	`2018-10-02` - `2019-10-03`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.truste.com Go Daddy Secure Certificate Authority - G2	`2018-01-26` - `2021-03-06`	3 years	crt.sh
ssl379359.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-27` - `2019-12-03`	6 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2019-01-21` - `2020-01-22`	a year	crt.sh
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2017-08-18` - `2019-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.siteimprove.com DigiCert SHA2 Secure Server CA	`2018-01-03` - `2020-03-11`	2 years	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2017-07-18` - `2020-07-17`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 8029AE2E707E98E86E491C8201FA41D7
Requests: 111 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 1D04E3B9EE8EDC0017E14D22D18F03B0
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: 6D7675B280F25345D267799A44DCF74C
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: 90F8513F505C1D37D8C3466048F154BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

114
Requests

62 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

27
IPs

5
Countries

1278 kB
Transfer

2611 kB
Size

6
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myvarian.com/s/webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://patient.varian.com/
Title: For Patients

Search URL Search Domain Scan URL

URL: http://investors.varian.com/
Title: Investors

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=120
Title: Annual Reports

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=122
Title: Stock Information

Search URL Search Domain Scan URL

URL: http://investors.varian.com/presentations
Title: Presentations

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=19
Title: News & Events

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=64
Title: Corporate Governance

Search URL Search Domain Scan URL

URL: http://investors.varian.com/ShareholderServices
Title: Shareholder Services

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=11
Title: Investor Contacts

Search URL Search Domain Scan URL

URL: http://medicalaffairs.varian.com/
Title: Medical Affairs

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/pressreleases
Title: Press Releases

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/index.php?s=31899
Title: Image Gallery

Search URL Search Domain Scan URL

URL: https://www.myvarian.com/
Title: MyVarian

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?title=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&url=https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems%20https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.varian.com/you-have-been-phished-vit&p[title]=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&display=popup

Search URL Search Domain Scan URL

URL: https://teamup.varian.com/sites/forms/SitePages/Security%20Incident.aspx
Title: Report Information Incident

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VarianMedicalSystems

Search URL Search Domain Scan URL

URL: https://twitter.com/VarianMedSys

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/varian-medical-systems

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 46

http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050

Request Chain 47

http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112

Request Chain 101

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ

Request Chain 103

https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561548625676%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set e0caa67cdf Show response
www.hr-internal.co/Compensation/ 4 KB
2 KB 1117ms
46ms Document
text/html 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

4b1fe8343e20efd635f8686a576fbf1179c21e5e20344e684c4de38649a9f90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hr-internal.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Jun 2019 11:30:06 GMT
ETag: W/"c384d8159d736b37260a5f2ec968edaf"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=e0caa67cdf; path=/ link_clicked_e0caa67cdf=1; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Request-Id: f83871d8-9799-48db-96e8-9499c5949ec4
X-Runtime: 0.008509
X-XSS-Protection: 1; mode=block
Content-Length: 948
Connection: keep-alive

GET alt_pixel_click_e0caa67cdf.gif
www.hr-internal.co/ 0
0

GET plugin_detect.js
tslp.s3.amazonaws.com/detect/ 0
0

GET java.js
tslp.s3.amazonaws.com/detect/ 0
0

GET
H2 200 deployJava.js Show response
java.com/js/ 18 KB
18 KB 82ms
20ms Script
application/javascript 2a02:26f0:f1:281::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://java.com/js/deployJava.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:f1:281::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Oracle-HTTP-Server /

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:06 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 18444
x-xss-protection: 1
mdt-type: abinary;charset=UTF-8
last-modified: Fri, 07 Jul 2017 23:29:07 GMT
server: Oracle-HTTP-Server
x-frame-options: SAMEORIGIN
x-oracle-dms-ecid: 005Kza_iK0l9Tcw70Fj8EF0003jI005QfZ
content-type: application/javascript
expires: Thu, 27 Jun 2019 11:30:06 GMT
cache-control: max-age=86400
x-oracle-dms-rid: 0:1

GET flash.js
tslp.s3.amazonaws.com/detect/ 0
0

GET pdf.js
tslp.s3.amazonaws.com/detect/ 0
0

GET quicktime.js
tslp.s3.amazonaws.com/detect/ 0
0

GET realplayer.js
tslp.s3.amazonaws.com/detect/ 0
0

GET silverlight.js
tslp.s3.amazonaws.com/detect/ 0
0

GET wmp.js
tslp.s3.amazonaws.com/detect/ 0
0

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 1268ms
10ms Script
application/javascript 52.222.149.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.222.149.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-64.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 294268
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: 8qCWmBxM_XHgx3SVBGgVHQpNfZIOxS7hg1vPugOwJ81OeZ8PyOwNSg==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 04:33:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2098570
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 0
Expires: Mon, 01 Jun 2020 04:33:56 GMT

GET
H/1.1 200
OK google-tracking.js Show response
www.hr-internal.co/assets/ 455 B
707 B 33ms
33ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/google-tracking.js?g=e0caa67cdf
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jun 2019 20:27:12 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
www.hr-internal.co/assets/ 28 KB
8 KB 66ms
32ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/all.js?g=e0caa67cdf
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: edba6d4362d8932fef1145d56e534e6746d379187b36eefc6b409764135ef242

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jun 2019 13:15:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js
notify.bugsnag.com/ 0
110 B 198ms
161ms Image
image/jpeg 35.186.205.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notify.bugsnag.com/js?notifierVersion=2.5.0&apiKey=dfe0bf684022c9c6cd5177bd22c32dc4&projectRoot=http%3A%2F%2Fwww.hr-internal.co&context=%2FCompensation%2Fe0caa67cdf&metaData%5Btarget%5D%5Bguid%5D=e0caa67cdf&metaData%5Btarget%5D%5Bcampaign_guid%5D=c2add3b833&metaData%5Btarget%5D%5Btest_mode%5D=false&metaData%5Btarget%5D%5Bredirect_url%5D=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&metaData%5Btarget%5D%5Boutside_window%5D=false&metaData%5Btarget%5D%5Bjava_detection%5D=true&metaData%5Btarget%5D%5Bsilverlight_detection%5D=true&metaData%5Btarget%5D%5Bquicktime_detection%5D=true&metaData%5Btarget%5D%5Badobe_flash_detection%5D=true&metaData%5Btarget%5D%5Bwmp_detection%5D=true&metaData%5Btarget%5D%5Badobe_pdf_detection%5D=true&metaData%5Btarget%5D%5Brealplayer_detection%5D=true&metaData%5Btarget%5D%5Bcorrelation_id%5D=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570&metaData%5Btarget%5D%5Bbase_post_url%5D=https%3A%2F%2Fdataentry.eu.threatsim.com&metaData%5Bscript%5D%5Bsrc%5D=&metaData%5Bscript%5D%5Bcontent%5D=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.plugin_detector%20%20%3D%20PluginDetect%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.console_debug%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.guid%20%20%20%20%20%20%20%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.test_mode%20%20%20%20%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.tracking_id%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.correlation_id%20%20%20%3D%20%22f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20window.redirect_url%20%20%3D%20%22https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit%22%3B%20%20%20%20%20%20%20%20%20%20%20%20window.base_post_url%20%3D%20%22https%3A%2F%2Fdataentry.eu.threatsim.com%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20&releaseStage=production&appVersion=dffc383c1c13270b269aced2e033d64e2b1c81a4&url=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=en-US&severity=error&name=ReferenceError&message=Uncaught%20ReferenceError%3A%20PluginDetect%20is%20not%20defined&stacktrace=ReferenceError%3A%20PluginDetect%20is%20not%20defined%0A%20%20%20%20at%20http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10%3A44%3A41&file=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&lineNumber=44&columnNumber=41&payloadVersion=2&ct=img&cb=1561548623080
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.205.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 6.205.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:23 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/jpeg
status: 200
bugsnag-event-id: 5d13574f0045f51da7410000
alt-svc: clear
content-length: 0

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
18 KB

26ms
14ms

Script
text/javascript

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 165
date: Wed, 26 Jun 2019 11:27:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17707
expires: Wed, 26 Jun 2019 13:27:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 120ms
45ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002673
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: f494de38-8fd0-4cb2-846b-4a39280e3604

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 114ms
39ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002689
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 44f36490-f619-4a6c-bfb4-9958da0ca09a

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 124ms
49ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003059
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 19d132a5-ba04-4118-9620-2efb4352bb81

POST
H/1.1 200
OK browser_post Show response
www.hr-internal.co/secure/ 0
563 B 46ms
46ms XHR
image/gif 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.hr-internal.co/secure/browser_post

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Origin: http://www.hr-internal.co
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.008344
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 2b9cad6d-4b72-4152-b526-f6170b7efa69

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 41ms
39ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002027
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 68b38668-5aa1-404b-bf29-01db1da0272b

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 43ms
40ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002937
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 57cfcc80-921a-4ff2-914c-642b284a8a7d

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 76ms
32ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003317
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 66e0b417-de0f-4dc6-9774-541f95bf2126

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 82ms
38ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.005562
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 3fb4cb75-7be7-4cea-8055-b7d059669623

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 83ms
39ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003593
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 78158287-eae9-4e46-80d9-cbf0364a1f8b

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 32ms
31ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002781
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 4e0bb44a-e113-4559-9a03-d6f464d3d63e

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 34ms
34ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002616
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 2d446526-72d2-4f61-a0df-45540346467b

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 39ms
38ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.006079
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: da7065fb-a319-4436-9f5e-40797ade4d5e

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 32ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001452
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: ee60bbc4-996a-44a3-8d50-2067281be50e

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 32ms
31ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002075
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 911c4559-0b41-45cb-97ae-1e9f8bd9bac9

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 34ms
33ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002325
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: f12d918a-e97b-47e8-b14d-3d7a6cf67bf2

GET
H/1.1 200
OK log
www.hr-internal.co/ 0
563 B 32ms
31ms Image
image/gif 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002566
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 12d1ed81-9159-4369-8a04-90563933bdba

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 31ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001869
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 6658d586-13bd-43c9-aad5-e3cc70e003bc

GET
H/1.1 200
OK log
www.hr-internal.co/ 0
563 B 32ms
32ms Image
image/gif 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=Cannot%20read%20property%20%27getVersion%27%20of%20undefined&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002899
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 4c279b74-4f42-4dec-a18b-d49354b6fcb4

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 30ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001594
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 80da408f-23a4-48f6-9b32-be9c5d1790c8

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 31ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version_jres%20%3D%20unknown&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001998
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 774a2203-677f-4a55-bf89-2f4e44f54fdf

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 41ms
39ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version%20%3D%20undefined&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.004500
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 4522983a-3b25-4842-a4fd-251c5e77acfa

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 34ms
31ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20flash%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002419
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 1af21e16-b8d0-4fa1-8a1c-e1ea8acb1bd6

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 38ms
36ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20pdf%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003990
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 783bffc6-16dc-4f05-8fa9-eae0e5a0e066

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 31ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20quicktime%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002714
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: a293ce45-74b9-4015-b25b-a212355e6d69

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 31ms
30ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20RealPlayer%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002267
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 2d0e3b95-2212-4799-a9db-52ed7538fee6

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 30ms
29ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Silverlight%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001407
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 73ee44ba-e055-4143-bcbd-ba3fa412098a

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 36ms
33ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001906
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: c910c2ab-9158-4182-bbf2-a8d5162ebc94

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 33ms
31ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=redirect_url%20is%20undefined&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.002321
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: f37f8c92-9e12-43a6-b606-8a91b3840dd4

GET
H/1.1 200
OK trace
www.hr-internal.co/ 0
564 B 34ms
32ms Image
text/plain 34.248.190.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co/trace?id=e0caa67cdf&msg=browser_post_successful&correlation_id=undefined

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

HTTP/1.1

Security

, ,

Server

34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-248-190-238.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.001861
Date: Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 97ead52d-35a2-4936-868b-c890aac84d11

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...

35 B
124 B

14ms
14ms

Image
image/gif

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jun 2019 11:30:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...

35 B
198 B

6ms
6ms

Image
image/gif

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 03:54:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1064145
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Non-Authoritative-Reason: HSTS

GET
H2 200 Primary Request you-have-been-phished-vit Show response
www.varian.com/ 94 KB
15 KB 162ms
108ms Document
text/html 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ebecf9d1791ce8bc2c1c11bd9a41b0030c20874d5a01571dd3c1d0d32978e1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.varian.com
:scheme: https
:path: /you-have-been-phished-vit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Response headers

status: 200
cache-control: public, max-age=10800
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
etag: "1561537334-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 26 Jun 2019 08:22:14 GMT
link: <https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (https://www.drupal.org)
x-platform-server: i-052edb9d6808215c1
x-request-id: woguy5soffrs3tefz3n4rezg
via: 1.1 varnish 1.1 varnish
accept-ranges: bytes
date: Wed, 26 Jun 2019 11:30:24 GMT
age: 0
x-served-by: cache-iad2125-IAD, cache-ams21027-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Cookie, Accept-Encoding
strict-transport-security: max-age=900
content-length: 15093

GET
H2 200 css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/ 3 KB
1 KB 18ms
12ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 638533
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1046
x-request-id: ae3gqrzp3xih6jhid4lcum5i
x-served-by: cache-iad2141-IAD, cache-ams21027-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-416"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 03 Jul 2019 02:08:12 GMT

GET
H2 200 css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/ 18 KB
4 KB 18ms
13ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 1209188
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 3996
x-request-id: gjq2pkg5gvcxkuck3lz33xyo
x-served-by: cache-iad2141-IAD, cache-ams21027-AMS
last-modified: Tue, 14 May 2019 08:05:03 GMT
etag: "5cda76af-f9c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 12 Jun 2019 11:37:05 GMT

GET
H2 200 css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/ 5 KB
2 KB 19ms
13ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 505463
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1508
x-request-id: wojzw5gi44u42w4zenmezl7w
x-served-by: cache-iad2131-IAD, cache-ams21027-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-5e4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 9 KB
2 KB 52ms
29ms Stylesheet
text/css 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 6182536
cf-ray: 4eced95a0ff7d72d-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-240a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Mon, 15 Jun 2020 11:30:24 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.035

GET
H2 200 css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/ 687 B
482 B 19ms
13ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 505463
x-cache: HIT, HIT
status: 200
x-cache-hits: 6, 2
strict-transport-security: max-age=900
content-length: 324
x-request-id: yz4wukdes353e4sx4a6yfg7f
x-served-by: cache-iad2145-IAD, cache-ams21027-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-144"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 118 KB
19 KB 45ms
6ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Wed, 26 Jun 2019 11:30:24 GMT
content-length: 19740
x-served-by: cache-ams21036-AMS, cache-fra19127-FRA
etag: W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/ 13 KB
3 KB 45ms
6ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Wed, 26 Jun 2019 11:30:24 GMT
content-length: 3216
x-served-by: cache-ams21041-AMS, cache-fra19127-FRA
etag: W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/ 675 KB
112 KB 19ms
14ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 696580
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 114267
x-request-id: usgcv7ari2qvwlw34htcyj4u
x-served-by: cache-iad2132-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:44:00 GMT
etag: "5d07b540-1be5b"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 02 Jul 2019 10:00:45 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 91 KB
32 KB 66ms
12ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F47) /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32915
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:49 GMT
server: ECAcc (frc/8F47)
etag: "80228f4cc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-extend-3.4.0.js Show response
www.varian.com/misc/ 3 KB
2 KB 103ms
98ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 37
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 1416
x-request-id: uqkjyukueoiticskqexw3min
x-served-by: cache-iad2127-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-d57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 01:45:09 GMT

GET
H2 200 jquery.once.js Show response
www.varian.com/misc/ 3 KB
1 KB 104ms
99ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery.once.js?v=1.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 39
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 1135
x-request-id: evvve7sgbkz5wl5iinkeieqi
x-served-by: cache-iad2131-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-b9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 20 Jun 2019 22:36:27 GMT

GET
H2 200 drupal.js Show response
www.varian.com/misc/ 20 KB
8 KB 41ms
36ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/drupal.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 91
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 7891
x-request-id: r56ifpld2l6r2czitclnfj4c
x-served-by: cache-iad2138-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-4efb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/bootstrap/3.3.7/js/ 36 KB
10 KB 52ms
13ms Script
application/javascript 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS, HIT
status: 200
date: Wed, 26 Jun 2019 11:30:24 GMT
content-length: 9832
x-served-by: cache-ams21048-AMS, cache-fra19127-FRA
etag: W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancyfiledelete.js Show response
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/ 265 B
332 B 39ms
35ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 122
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 193
x-request-id: hvglvuxkdsavcg6qeg6k7uwd
x-served-by: cache-iad2125-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-109"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 fancybox.js Show response
www.varian.com/sites/all/modules/contrib/fancybox/ 1 KB
536 B 40ms
36ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 110
x-cache: HIT, HIT
status: 200
x-cache-hits: 140, 1
strict-transport-security: max-age=900
content-length: 403
x-request-id: mf5d5nsfgdrfkd3lchenruaf
x-served-by: cache-iad2128-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-454"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/source/ 23 KB
10 KB 40ms
36ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 161
x-cache: HIT, HIT
status: 200
x-cache-hits: 2, 1
strict-transport-security: max-age=900
content-length: 9692
x-request-id: 56bgnimp5cyzqdkynwoe4mrs
x-served-by: cache-iad2130-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-5a5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.mousewheel-3.0.6.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/lib/ 1 KB
878 B 40ms
35ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 122
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 724
x-request-id: yly7cnfl77evv3mxhmbcewv2
x-served-by: cache-iad2138-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-568"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.qtip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 43 KB
16 KB 42ms
22ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 6182557
cf-ray: 4eced95a0ff9d72d-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-ad08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 15 Jun 2020 11:30:24 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.022

GET
H2 200 views-bootstrap-carousel.js Show response
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/ 842 B
581 B 102ms
98ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 85
x-cache: HIT, HIT
status: 200
x-cache-hits: 182, 1
strict-transport-security: max-age=900
content-length: 351
x-request-id: woaarzcyj27443k5ud4anzob
x-served-by: cache-iad2132-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-34a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 googleanalytics.js Show response
www.varian.com/sites/all/modules/contrib/google_analytics/ 6 KB
2 KB 38ms
35ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 106
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 2052
x-request-id: 6viac3bkqdg7q7denpy55znc
x-served-by: cache-iad2133-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-1874"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 qtip.js Show response
www.varian.com/sites/all/modules/contrib/qtip/js/ 2 KB
997 B 48ms
45ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 91
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 863
x-request-id: qgxyzjycf2mc6badfobzvyf4
x-served-by: cache-iad2146-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-8ce"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.hoverIntent.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 1 KB
801 B 40ms
37ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 91
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 15
strict-transport-security: max-age=900
content-length: 591
x-request-id: galnumb6ffebwsxfdoizp35v
x-served-by: cache-iad2145-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-567"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.lazyload.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 3 KB
1 KB 47ms
44ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 105
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 1294
x-request-id: qumnfukotr63mkfyuj7mb2ur
x-served-by: cache-iad2128-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-cf8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 jquery.isonscreen.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 451 B
464 B 46ms
42ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 104
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 283
x-request-id: 2aiia4lsskwe543dyu2nhydk
x-served-by: cache-iad2151-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-1c3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 ekko-lightbox.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 14 KB
5 KB 45ms
42ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 104
x-cache: HIT, HIT
status: 200
x-cache-hits: 2, 1
strict-transport-security: max-age=900
content-length: 4889
x-request-id: hkdwrae37gjvb6zlwpep6nzi
x-served-by: cache-iad2142-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-3934"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 varian.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 44 KB
13 KB 48ms
45ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 105
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
strict-transport-security: max-age=900
content-length: 13009
x-request-id: jfhmsdcrqysvmaop2q3zzqzi
x-served-by: cache-iad2138-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-af0a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 26 Jun 2019 08:10:04 GMT

GET
H2 200 logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 20 KB
20 KB 131ms
128ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 20
x-cache: HIT, HIT
status: 200
content-length: 20386
x-request-id: czaoxwbxxnsorjytb3npvh22
x-served-by: cache-iad2138-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-4fa2"
strict-transport-security: max-age=900
content-type: image/png
expires: Fri, 21 Jun 2019 22:26:58 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 2, 1

GET
H2 200 lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/ 42 B
196 B 40ms
37ms Image
image/gif 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:24 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 144
x-cache: HIT, HIT
status: 200
content-length: 42
x-request-id: cjxsr4ps324hd24wifjrnkyq
x-served-by: cache-iad2132-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-2a"
strict-transport-security: max-age=900
content-type: image/gif
expires: Sun, 23 Jun 2019 17:20:09 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 1

GET
H2 200 phishing_small.jpg
www.varian.com/sites/default/files/ 58 KB
58 KB 117ms
116ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phishing_small.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 0
x-cache: MISS, MISS
status: 200
content-length: 59440
x-request-id: iocp5ecrjofi4at3hlpiixlb
x-served-by: cache-iad2135-IAD, cache-ams21027-AMS
last-modified: Mon, 27 Aug 2018 17:04:46 GMT
etag: "5b842f2e-e830"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Wed, 26 Jun 2019 11:35:25 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 0, 0

GET
H2 200 phish_circle.jpg
www.varian.com/sites/default/files/ 16 KB
16 KB 159ms
157ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phish_circle.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 0
x-cache: MISS, MISS
status: 200
content-length: 16665
x-request-id: 4w5537oiu3vfom7r5hcuv7za
x-served-by: cache-iad2145-IAD, cache-ams21027-AMS
last-modified: Mon, 27 Aug 2018 17:05:19 GMT
etag: "5b842f4f-4119"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Wed, 26 Jun 2019 11:35:25 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 0, 0

GET
H2 200 logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 23 KB
24 KB 15ms
13ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 144
x-cache: HIT, HIT
status: 200
content-length: 24014
x-request-id: mns7m7d5e6vvsemx3whldybb
x-served-by: cache-iad2130-IAD, cache-ams21027-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-5dce"
strict-transport-security: max-age=900
content-type: image/png
expires: Tue, 25 Jun 2019 23:34:26 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 1

GET
H2 200 bootstrap.js Show response
www.varian.com/sites/all/themes/bootstrap/js/ 10 KB
3 KB 20ms
16ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptp54e

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 11:30:25 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 103
x-cache: HIT, HIT
status: 200
x-cache-hits: 2, 1
strict-transport-security: max-age=900
content-length: 3142
x-request-id: zbzkjx3qunubfmm4tmn6o4ve

www.varian.com Open in urlscan Pro 151.101.38.133

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

62 %HTTPS

36 %IPv6

24 Domains

28 Subdomains

27 IPs

5 Countries

1278 kBTransfer

2611 kBSize

6 Cookies

21 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.varian.com
151.101.38.133

Screenshot
Live screenshot

Full Image

114
Requests

62 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

27
IPs

5
Countries

1278 kB
Transfer

2611 kB
Size

6
Cookies

114 HTTP transactions
0 data transactions