urlscan.io logo urlscan.io
SecurityTrails logo

www.varian.com Open in urlscan Pro
151.101.38.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Effective URL: https://www.varian.com/you-have-been-phished-vit
Submission: On June 26 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 114 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.
This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.31.150.82 16509 (AMAZON-02)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 52.222.149.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.205.6 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 34.248.190.238 16509 (AMAZON-02)
38 151.101.38.133 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a04:4e42::621 54113 (FASTLY)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.208.178.139 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.157.214 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.21.178.134 14618 (AMAZON-AES)
1 52.211.94.188 16509 (AMAZON-02)
1 52.222.157.75 16509 (AMAZON-02)
2 2 52.213.63.19 16509 (AMAZON-02)
1 52.222.157.125 16509 (AMAZON-02)
1 34.95.92.78 15169 (GOOGLE)
2 3 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:109:c002... 14413 (LINKEDIN)
1 52.222.149.144 16509 (AMAZON-02)
1 34.194.52.254 14618 (AMAZON-AES)
5 54.76.203.99 16509 (AMAZON-02)
1 54.72.143.230 16509 (AMAZON-02)
114 27
3    52.31.150.82 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
www.hr-internal.co
1    2a02:26f0:f1:281::196 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
java.com
1    52.222.149.64 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-64.fra53.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    35.186.205.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 6.205.186.35.bc.googleusercontent.com
notify.bugsnag.com
4    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
29    34.248.190.238 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
www.hr-internal.co
38    151.101.38.133 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)
www.varian.com
2    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
4    2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.jsdelivr.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ajax.aspnetcdn.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    52.208.178.139 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-178-139.eu-west-1.compute.amazonaws.com
consent.truste.com
1    2606:4700:20::6819:8a76 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
siteimproveanalytics.com
1    52.222.157.214 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-214.fra53.r.cloudfront.net
scripts.demandbase.com
1    2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
2    52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-2-ue1.aws.pardot.com
pi.pardot.com
1    52.211.94.188 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-94-188.eu-west-1.compute.amazonaws.com
w.usabilla.com
1    52.222.157.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-75.fra53.r.cloudfront.net
api.company-target.com
2    52.213.63.19 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-63-19.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    52.222.157.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-125.fra53.r.cloudfront.net
segments.company-target.com
1    34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com
id.rlcdn.com
3    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
px.ads.linkedin.com
1    2620:109:c002::6cae:a0a (United States)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
1    52.222.149.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-144.fra53.r.cloudfront.net
d6tizftlrpuof.cloudfront.net
1    34.194.52.254 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-52-254.compute-1.amazonaws.com
us2.siteimprove.com
5    54.76.203.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
consent.trustarc.com
1    54.72.143.230 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-143-230.eu-west-1.compute.amazonaws.com
consent-pref.trustarc.com
Domain Requested by
38 www.varian.com www.varian.com
ajax.aspnetcdn.com
32 www.hr-internal.co www.hr-internal.co
ajax.googleapis.com
5 consent.trustarc.com consent.truste.com
4 cdn.jsdelivr.net www.varian.com
4 www.google-analytics.com www.hr-internal.co
www.varian.com
3 px.ads.linkedin.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pi.pardot.com www.varian.com
pi.pardot.com
2 cdnjs.cloudflare.com www.varian.com
1 consent-pref.trustarc.com consent.trustarc.com
1 us2.siteimprove.com
1 d6tizftlrpuof.cloudfront.net www.varian.com
1 www.linkedin.com 1 redirects
1 id.rlcdn.com
1 segments.company-target.com
1 api.company-target.com scripts.demandbase.com
1 w.usabilla.com www.varian.com
1 snap.licdn.com www.varian.com
1 scripts.demandbase.com www.varian.com
1 siteimproveanalytics.com www.varian.com
1 consent.truste.com www.varian.com
1 www.googletagmanager.com www.varian.com
1 ajax.aspnetcdn.com www.varian.com
1 notify.bugsnag.com www.hr-internal.co
1 ajax.googleapis.com www.hr-internal.co
1 d2wy8f7a9ursnm.cloudfront.net www.hr-internal.co
1 java.com www.hr-internal.co
0 tslp.s3.amazonaws.com Failed www.hr-internal.co
114 28
Subject Issuer Validity Valid
www.java.com
DigiCert ECC Extended Validation Server CA		 2018-02-21 -
2020-02-21		 2 years crt.sh

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.bugsnag.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-18 -
2020-06-01		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
varian.com
DigiCert SHA2 Secure Server CA		 2018-10-02 -
2019-10-03		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-02 -
2019-09-08		 6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.truste.com
Go Daddy Secure Certificate Authority - G2		 2018-01-26 -
2021-03-06		 3 years crt.sh
ssl379359.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-27 -
2019-12-03		 6 months crt.sh
*.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2018-09-20 -
2020-11-19		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.pardot.com
DigiCert SHA2 Secure Server CA		 2019-01-21 -
2020-01-22		 a year crt.sh
w.usabilla.com
Amazon		 2019-05-08 -
2020-06-08		 a year crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2		 2017-08-18 -
2019-08-18		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.siteimprove.com
DigiCert SHA2 Secure Server CA		 2018-01-03 -
2020-03-11		 2 years crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2017-07-18 -
2020-07-17		 3 years crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 8029AE2E707E98E86E491C8201FA41D7
Requests: 111 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 1D04E3B9EE8EDC0017E14D22D18F03B0
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: 6D7675B280F25345D267799A44DCF74C
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: 90F8513F505C1D37D8C3466048F154BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /ATS\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

114
Requests

62 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

27
IPs

5
Countries

1278 kB
Transfer

2611 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 46
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Request Chain 47
  • http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Request Chain 101
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ
Request Chain 103
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561548625676%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set e0caa67cdf
www.hr-internal.co/Compensation/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
4b1fe8343e20efd635f8686a576fbf1179c21e5e20344e684c4de38649a9f90a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.hr-internal.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Jun 2019 11:30:06 GMT
ETag
W/"c384d8159d736b37260a5f2ec968edaf"
Server
ThreatSim-Web-Server
Set-Cookie
EXFILGUID=e0caa67cdf; path=/ link_clicked_e0caa67cdf=1; path=/
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Request-Id
f83871d8-9799-48db-96e8-9499c5949ec4
X-Runtime
0.008509
X-XSS-Protection
1; mode=block
Content-Length
948
Connection
keep-alive
alt_pixel_click_e0caa67cdf.gif
www.hr-internal.co/ 		0
0
plugin_detect.js
tslp.s3.amazonaws.com/detect/ 		0
0
java.js
tslp.s3.amazonaws.com/detect/ 		0
0
deployJava.js
java.com/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://java.com/js/deployJava.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f1:281::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Oracle-HTTP-Server /
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:06 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
18444
x-xss-protection
1
mdt-type
abinary;charset=UTF-8
last-modified
Fri, 07 Jul 2017 23:29:07 GMT
server
Oracle-HTTP-Server
x-frame-options
SAMEORIGIN
x-oracle-dms-ecid
005Kza_iK0l9Tcw70Fj8EF0003jI005QfZ
content-type
application/javascript
expires
Thu, 27 Jun 2019 11:30:06 GMT
cache-control
max-age=86400
x-oracle-dms-rid
0:1
flash.js
tslp.s3.amazonaws.com/detect/ 		0
0
pdf.js
tslp.s3.amazonaws.com/detect/ 		0
0
quicktime.js
tslp.s3.amazonaws.com/detect/ 		0
0
realplayer.js
tslp.s3.amazonaws.com/detect/ 		0
0
silverlight.js
tslp.s3.amazonaws.com/detect/ 		0
0
wmp.js
tslp.s3.amazonaws.com/detect/ 		0
0
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.222.149.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
294268
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
8qCWmBxM_XHgx3SVBGgVHQpNfZIOxS7hg1vPugOwJ81OeZ8PyOwNSg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 04:33:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
2098570
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33018
X-XSS-Protection
0
Expires
Mon, 01 Jun 2020 04:33:56 GMT
google-tracking.js
www.hr-internal.co/assets/ 		455 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.hr-internal.co/assets/google-tracking.js?g=e0caa67cdf
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2019 20:27:12 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
www.hr-internal.co/assets/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.hr-internal.co/assets/all.js?g=e0caa67cdf
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
edba6d4362d8932fef1145d56e534e6746d379187b36eefc6b409764135ef242

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jun 2019 13:15:03 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7344
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
notify.bugsnag.com/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notify.bugsnag.com/js?notifierVersion=2.5.0&apiKey=dfe0bf684022c9c6cd5177bd22c32dc4&projectRoot=http%3A%2F%2Fwww.hr-internal.co&context=%2FCompensation%2Fe0caa67cdf&metaData%5Btarget%5D%5Bguid%5D=e0caa67cdf&metaData%5Btarget%5D%5Bcampaign_guid%5D=c2add3b833&metaData%5Btarget%5D%5Btest_mode%5D=false&metaData%5Btarget%5D%5Bredirect_url%5D=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&metaData%5Btarget%5D%5Boutside_window%5D=false&metaData%5Btarget%5D%5Bjava_detection%5D=true&metaData%5Btarget%5D%5Bsilverlight_detection%5D=true&metaData%5Btarget%5D%5Bquicktime_detection%5D=true&metaData%5Btarget%5D%5Badobe_flash_detection%5D=true&metaData%5Btarget%5D%5Bwmp_detection%5D=true&metaData%5Btarget%5D%5Badobe_pdf_detection%5D=true&metaData%5Btarget%5D%5Brealplayer_detection%5D=true&metaData%5Btarget%5D%5Bcorrelation_id%5D=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570&metaData%5Btarget%5D%5Bbase_post_url%5D=https%3A%2F%2Fdataentry.eu.threatsim.com&metaData%5Bscript%5D%5Bsrc%5D=&metaData%5Bscript%5D%5Bcontent%5D=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.plugin_detector%20%20%3D%20PluginDetect%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.console_debug%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.guid%20%20%20%20%20%20%20%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.test_mode%20%20%20%20%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.tracking_id%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.correlation_id%20%20%20%3D%20%22f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20window.redirect_url%20%20%3D%20%22https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit%22%3B%20%20%20%20%20%20%20%20%20%20%20%20window.base_post_url%20%3D%20%22https%3A%2F%2Fdataentry.eu.threatsim.com%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20&releaseStage=production&appVersion=dffc383c1c13270b269aced2e033d64e2b1c81a4&url=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=en-US&severity=error&name=ReferenceError&message=Uncaught%20ReferenceError%3A%20PluginDetect%20is%20not%20defined&stacktrace=ReferenceError%3A%20PluginDetect%20is%20not%20defined%0A%20%20%20%20at%20http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10%3A44%3A41&file=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&lineNumber=44&columnNumber=41&payloadVersion=2&ct=img&cb=1561548623080
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.205.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
6.205.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:23 GMT
via
1.1 google
access-control-allow-origin
*
content-type
image/jpeg
status
200
bugsnag-event-id
5d13574f0045f51da7410000
alt-svc
clear
content-length
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
165
date
Wed, 26 Jun 2019 11:27:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Wed, 26 Jun 2019 13:27:38 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002673
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f494de38-8fd0-4cb2-846b-4a39280e3604
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002689
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
44f36490-f619-4a6c-bfb4-9958da0ca09a
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003059
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
19d132a5-ba04-4118-9620-2efb4352bb81
browser_post
www.hr-internal.co/secure/ 		0
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.hr-internal.co/secure/browser_post
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Origin
http://www.hr-internal.co
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime
0.008344
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2b9cad6d-4b72-4152-b526-f6170b7efa69
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002027
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
68b38668-5aa1-404b-bf29-01db1da0272b
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002937
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
57cfcc80-921a-4ff2-914c-642b284a8a7d
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003317
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
66e0b417-de0f-4dc6-9774-541f95bf2126
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.005562
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
3fb4cb75-7be7-4cea-8055-b7d059669623
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003593
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
78158287-eae9-4e46-80d9-cbf0364a1f8b
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002781
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4e0bb44a-e113-4559-9a03-d6f464d3d63e
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002616
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2d446526-72d2-4f61-a0df-45540346467b
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.006079
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
da7065fb-a319-4436-9f5e-40797ade4d5e
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001452
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
ee60bbc4-996a-44a3-8d50-2067281be50e
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002075
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
911c4559-0b41-45cb-97ae-1e9f8bd9bac9
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002325
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f12d918a-e97b-47e8-b14d-3d7a6cf67bf2
log
www.hr-internal.co/ 		0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002566
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
12d1ed81-9159-4369-8a04-90563933bdba
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001869
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
6658d586-13bd-43c9-aad5-e3cc70e003bc
log
www.hr-internal.co/ 		0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=Cannot%20read%20property%20%27getVersion%27%20of%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002899
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4c279b74-4f42-4dec-a18b-d49354b6fcb4
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001594
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
80da408f-23a4-48f6-9b32-be9c5d1790c8
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version_jres%20%3D%20unknown&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001998
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
774a2203-677f-4a55-bf89-2f4e44f54fdf
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version%20%3D%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.004500
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4522983a-3b25-4842-a4fd-251c5e77acfa
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20flash%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002419
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
1af21e16-b8d0-4fa1-8a1c-e1ea8acb1bd6
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20pdf%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003990
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
783bffc6-16dc-4f05-8fa9-eae0e5a0e066
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20quicktime%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002714
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
a293ce45-74b9-4015-b25b-a212355e6d69
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20RealPlayer%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002267
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2d0e3b95-2212-4799-a9db-52ed7538fee6
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Silverlight%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001407
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
73ee44ba-e055-4143-bcbd-ba3fa412098a
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001906
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
c910c2ab-9158-4182-bbf2-a8d5162ebc94
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=redirect_url%20is%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002321
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f37f8c92-9e12-43a6-b606-8a91b3840dd4
trace
www.hr-internal.co/ 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=browser_post_successful&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001861
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
97ead52d-35a2-4936-868b-c890aac84d11
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...
35 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 11:30:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
  • https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...
35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2019 03:54:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1064145
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Non-Authoritative-Reason
HSTS
Primary Request you-have-been-phished-vit
www.varian.com/ 		94 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ebecf9d1791ce8bc2c1c11bd9a41b0030c20874d5a01571dd3c1d0d32978e1f3
Security Headers
Name Value
Strict-Transport-Security max-age=900
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.varian.com
:scheme
https
:path
/you-have-been-phished-vit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Response headers

status
200
cache-control
public, max-age=10800
content-encoding
gzip
content-language
en
content-type
text/html; charset=utf-8
etag
"1561537334-1"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 26 Jun 2019 08:22:14 GMT
link
<https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-drupal-cache
HIT
x-frame-options
SAMEORIGIN
x-generator
Drupal 7 (https://www.drupal.org)
x-platform-server
i-052edb9d6808215c1
x-request-id
woguy5soffrs3tefz3n4rezg
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Wed, 26 Jun 2019 11:30:24 GMT
age
0
x-served-by
cache-iad2125-IAD, cache-ams21027-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
vary
Cookie, Accept-Encoding
strict-transport-security
max-age=900
content-length
15093
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
638533
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1046
x-request-id
ae3gqrzp3xih6jhid4lcum5i
x-served-by
cache-iad2141-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-416"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 03 Jul 2019 02:08:12 GMT
css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
1209188
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
3996
x-request-id
gjq2pkg5gvcxkuck3lz33xyo
x-served-by
cache-iad2141-IAD, cache-ams21027-AMS
last-modified
Tue, 14 May 2019 08:05:03 GMT
etag
"5cda76af-f9c"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 12 Jun 2019 11:37:05 GMT
css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
505463
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1508
x-request-id
wojzw5gi44u42w4zenmezl7w
x-served-by
cache-iad2131-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-5e4"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
br
cf-cache-status
HIT
age
6182536
cf-ray
4eced95a0ff7d72d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-240a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 15 Jun 2020 11:30:24 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.035
css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/ 		687 B
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
505463
x-cache
HIT, HIT
status
200
x-cache-hits
6, 2
strict-transport-security
max-age=900
content-length
324
x-request-id
yz4wukdes353e4sx4a6yfg7f
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-144"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
19740
x-served-by
cache-ams21036-AMS, cache-fra19127-FRA
etag
W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
3216
x-served-by
cache-ams21041-AMS, cache-fra19127-FRA
etag
W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/ 		675 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
696580
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
114267
x-request-id
usgcv7ari2qvwlw34htcyj4u
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:44:00 GMT
etag
"5d07b540-1be5b"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 02 Jul 2019 10:00:45 GMT
jquery-1.10.2.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F47) /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
32915
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:49 GMT
server
ECAcc (frc/8F47)
etag
"80228f4cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-extend-3.4.0.js
www.varian.com/misc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
37
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1416
x-request-id
uqkjyukueoiticskqexw3min
x-served-by
cache-iad2127-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-d57"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 01:45:09 GMT
jquery.once.js
www.varian.com/misc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/misc/jquery.once.js?v=1.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
39
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1135
x-request-id
evvve7sgbkz5wl5iinkeieqi
x-served-by
cache-iad2131-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-b9e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 20 Jun 2019 22:36:27 GMT
drupal.js
www.varian.com/misc/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/misc/drupal.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
7891
x-request-id
r56ifpld2l6r2czitclnfj4c
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-4efb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
bootstrap.min.js
cdn.jsdelivr.net/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
9832
x-served-by
cache-ams21048-AMS, cache-fra19127-FRA
etag
W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fancyfiledelete.js
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/ 		265 B
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
122
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
193
x-request-id
hvglvuxkdsavcg6qeg6k7uwd
x-served-by
cache-iad2125-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-109"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
fancybox.js
www.varian.com/sites/all/modules/contrib/fancybox/ 		1 KB
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
110
x-cache
HIT, HIT
status
200
x-cache-hits
140, 1
strict-transport-security
max-age=900
content-length
403
x-request-id
mf5d5nsfgdrfkd3lchenruaf
x-served-by
cache-iad2128-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-454"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.fancybox.pack.js
www.varian.com/sites/all/libraries/fancybox/source/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
161
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
9692
x-request-id
56bgnimp5cyzqdkynwoe4mrs
x-served-by
cache-iad2130-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-5a5f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.mousewheel-3.0.6.pack.js
www.varian.com/sites/all/libraries/fancybox/lib/ 		1 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
122
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
724
x-request-id
yly7cnfl77evv3mxhmbcewv2
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-568"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.qtip.min.js
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
br
cf-cache-status
HIT
age
6182557
cf-ray
4eced95a0ff9d72d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-ad08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 15 Jun 2020 11:30:24 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.022
views-bootstrap-carousel.js
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/ 		842 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
85
x-cache
HIT, HIT
status
200
x-cache-hits
182, 1
strict-transport-security
max-age=900
content-length
351
x-request-id
woaarzcyj27443k5ud4anzob
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-34a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
googleanalytics.js
www.varian.com/sites/all/modules/contrib/google_analytics/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
106
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
2052
x-request-id
6viac3bkqdg7q7denpy55znc
x-served-by
cache-iad2133-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-1874"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
qtip.js
www.varian.com/sites/all/modules/contrib/qtip/js/ 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
863
x-request-id
qgxyzjycf2mc6badfobzvyf4
x-served-by
cache-iad2146-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-8ce"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.hoverIntent.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 		1 KB
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 15
strict-transport-security
max-age=900
content-length
591
x-request-id
galnumb6ffebwsxfdoizp35v
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-567"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.lazyload.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
105
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1294
x-request-id
qumnfukotr63mkfyuj7mb2ur
x-served-by
cache-iad2128-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-cf8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.isonscreen.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 		451 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
104
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
283
x-request-id
2aiia4lsskwe543dyu2nhydk
x-served-by
cache-iad2151-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-1c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
ekko-lightbox.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
104
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
4889
x-request-id
hkdwrae37gjvb6zlwpep6nzi
x-served-by
cache-iad2142-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-3934"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
varian.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
105
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
13009
x-request-id
jfhmsdcrqysvmaop2q3zzqzi
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-af0a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
20
x-cache
HIT, HIT
status
200
content-length
20386
x-request-id
czaoxwbxxnsorjytb3npvh22
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-4fa2"
strict-transport-security
max-age=900
content-type
image/png
expires
Fri, 21 Jun 2019 22:26:58 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
2, 1
lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/ 		42 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
144
x-cache
HIT, HIT
status
200
content-length
42
x-request-id
cjxsr4ps324hd24wifjrnkyq
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-2a"
strict-transport-security
max-age=900
content-type
image/gif
expires
Sun, 23 Jun 2019 17:20:09 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
phishing_small.jpg
www.varian.com/sites/default/files/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/default/files/phishing_small.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
0
x-cache
MISS, MISS
status
200
content-length
59440
x-request-id
iocp5ecrjofi4at3hlpiixlb
x-served-by
cache-iad2135-IAD, cache-ams21027-AMS
last-modified
Mon, 27 Aug 2018 17:04:46 GMT
etag
"5b842f2e-e830"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Wed, 26 Jun 2019 11:35:25 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
0, 0
phish_circle.jpg
www.varian.com/sites/default/files/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/default/files/phish_circle.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
0
x-cache
MISS, MISS
status
200
content-length
16665
x-request-id
4w5537oiu3vfom7r5hcuv7za
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Mon, 27 Aug 2018 17:05:19 GMT
etag
"5b842f4f-4119"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Wed, 26 Jun 2019 11:35:25 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
0, 0
logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
144
x-cache
HIT, HIT
status
200
content-length
24014
x-request-id
mns7m7d5e6vvsemx3whldybb
x-served-by
cache-iad2130-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-5dce"
strict-transport-security
max-age=900
content-type
image/png
expires
Tue, 25 Jun 2019 23:34:26 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
bootstrap.js
www.varian.com/sites/all/themes/bootstrap/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
103
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
3142
x-request-id
zbzkjx3qunubfmm4tmn6o4ve
x-served-by
cache-iad2127-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-26bb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
analytics.js
www.varian.com/sites/default/files/googleanalytics/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/default/files/googleanalytics/analytics.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
140
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
17707
x-request-id
hqq5kpo4e7hxxdsdmwbz357x
x-served-by
cache-iad2140-IAD, cache-ams21027-AMS
last-modified
Wed, 26 Jun 2019 07:04:04 GMT
etag
"5d1318e4-452b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
fontawesome-webfont.woff2
www.varian.com/sites/all/themes/varian_bootstrap/webfonts// 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts//fontawesome-webfont.woff2?v=4.6.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-05e86949aa238c1c7
age
264
x-cache
HIT, HIT
status
200
content-length
71760
x-request-id
2qn2g43cyzk2ul6uru3v3qau
x-served-by
cache-iad2142-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-11850"
strict-transport-security
max-age=900
content-type
font/woff2
expires
Sat, 22 Jun 2019 16:31:42 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
298938_C_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_C_0.woff
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
39d78049b553bf7900010de8b76ebb17c7bd5b885ff4f432365c85ab9694329d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-05e86949aa238c1c7
age
143
x-cache
HIT, HIT
status
200
content-length
71780
x-request-id
uvdakj3j6tvismibrwdiqyb7
x-served-by
cache-iad2123-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-11864"
strict-transport-security
max-age=900
content-type
font/woff
expires
Wed, 26 Jun 2019 03:20:58 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
2, 1
298938_D_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_D_0.woff
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
93f28432edd5197c0a4b4bae5953e57c0179bcd1cb8941c7ab564aaa1642518c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
144
x-cache
HIT, HIT
status
200
content-length
77756
x-request-id
2qrp2zddgsjblg3qta2nn37s
x-served-by
cache-iad2147-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-12fbc"
strict-transport-security
max-age=900
content-type
font/woff
expires
Sun, 23 Jun 2019 20:13:53 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
3, 1
glyphicons-halflings-regular.woff2
www.varian.com/sites/all/themes/varian_bootstrap/bootstrap/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
122
x-cache
HIT, HIT
status
200
content-length
18028
x-request-id
d5stdpjppfwb4bveme63yhup
x-served-by
cache-iad2120-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-466c"
strict-transport-security
max-age=900
content-type
font/woff2
expires
Wed, 26 Jun 2019 10:09:53 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
298938_E_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_E_0.woff
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8811a5e2337b921c7c4aebe8000a1b82cabd24c1f5c50873c57067558cf3eaf7
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
143
x-cache
HIT, HIT
status
200
content-length
67614
x-request-id
elu3hck4j7puvfys3wb6uccj
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-1081e"
strict-transport-security
max-age=900
content-type
font/woff
expires
Tue, 25 Jun 2019 02:31:42 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
298938_B_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_B_0.woff
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4811efd696ea2d6877a357cd875b59848221d215a12e1f2fe5407a0dae43518c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
143
x-cache
HIT, HIT
status
200
content-length
83458
x-request-id
xocakl6e5sx7bkgg4xkl5hr3
x-served-by
cache-iad2121-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-14602"
strict-transport-security
max-age=900
content-type
font/woff
expires
Sun, 23 Jun 2019 14:57:39 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
298938_0_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_0_0.woff
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
77b4a3f56116e4faabbe3bdaa79755afb2ff75fd1afdcd2bbddeda531f29f5c1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
143
x-cache
HIT, HIT
status
200
content-length
40683
x-request-id
4kwvwado534fzk6n22x6w4wj
x-served-by
cache-iad2144-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-9eeb"
strict-transport-security
max-age=900
content-type
font/woff
expires
Wed, 26 Jun 2019 00:12:17 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
298938_A_0.woff
www.varian.com/sites/all/themes/varian_bootstrap/webfonts/ 		85 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/webfonts/298938_A_0.woff
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c5d155a87e3dbc7c782700ecdbd7afa57930358aa98dfcc52e9ef317e6f3c3f6
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
143
x-cache
HIT, HIT
status
200
content-length
86566
x-request-id
nzme76d2dp2vtml256d4hjtk
x-served-by
cache-iad2139-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-15226"
strict-transport-security
max-age=900
content-type
font/woff
expires
Sat, 22 Jun 2019 15:42:49 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
you-have-been-phished-vit
www.varian.com/ 		94 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.varian.com/you-have-been-phished-vit
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ebecf9d1791ce8bc2c1c11bd9a41b0030c20874d5a01571dd3c1d0d32978e1f3
Security Headers
Name Value
Strict-Transport-Security max-age=900
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.varian.com/you-have-been-phished-vit
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
0
x-cache
MISS, MISS
status
200
strict-transport-security
max-age=900
content-length
15093
x-request-id
ikbsg4i3mpd7d5v2adeqsitw
x-served-by
cache-iad2128-IAD, cache-ams21027-AMS
last-modified
Wed, 26 Jun 2019 08:22:14 GMT
cache-control
public, max-age=10800
x-frame-options
SAMEORIGIN
etag
"1561537334-1"
vary
Cookie, Accept-Encoding
content-language
en
via
1.1 varnish, 1.1 varnish
x-generator
Drupal 7 (https://www.drupal.org)
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
content-type
text/html; charset=utf-8
link
<https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-drupal-cache
HIT
x-cache-hits
0, 0
BRAND_001_960x196_BG_6.png
www.varian.com/sites/default/files/default_images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.varian.com/sites/default/files/default_images/BRAND_001_960x196_BG_6.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
da301bacb049c1300be61603ed1bbab216c9c2c089c89ad65bc14571a5ccb1bf
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
245
x-cache
HIT, MISS
status
200
content-length
143490
x-request-id
qj6437gpgeydsocxgezzvjlr
x-served-by
cache-iad2135-IAD, cache-ams21027-AMS
last-modified
Thu, 24 Sep 2015 17:54:28 GMT
etag
"560438d4-23082"
strict-transport-security
max-age=900
content-type
image/png
expires
Wed, 26 Jun 2019 06:43:21 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
2, 0
glyphicons-halflings-regular.woff2
cdn.jsdelivr.net/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://www.varian.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/"466c-yjW2l9mcrk0bYPLWD803dxmH6wc"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
font/woff2
status
200
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
date
Wed, 26 Jun 2019 11:30:25 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
18028
x-served-by
cache-ams21038-AMS, cache-fra19134-FRA
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=877467885&t=pageview&_s=1&dl=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&dr=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&dt=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1913241100&gjid=632869064&cid=148475335.1561548625&tid=UA-3907074-1&_gid=1249190981.1561548625&_r=1&z=125915170
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 11:30:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5118829
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcbe798451bb65737d70860b3296282cba11e22a39c82c56110974d2f7ade4a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25485
x-xss-protection
0
expires
Wed, 26 Jun 2019 11:30:25 GMT
notice
consent.truste.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.truste.com/notice?domain=varian.com&c=teconsent&js=bb&noticeType=bb
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.178.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-178-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
de34321911a0a0b5b2851763a4db240ccb40ecda6507c798d2463f4b1c26235d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/you-have-been-phished-vit
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-cache
content-length
1521
expires
Wed, 26 Jun 2019 11:30:24 GMT
siteanalyze_6121624.js
siteimproveanalytics.com/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6121624.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:8a76 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef253b4fecc2d7667e7c5039fdb44dc14b0a34b42d5ccda9fd6e3a761973429e

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
br
cf-cache-status
HIT
age
3872
status
200
x-amz-request-id
A991659680557E1C
x-amz-id-2
NIKPoaC98Pf3suXwYQP7lVzC9G5aUgQ4wTGwKTcnWmzhF30yXCaX5gYxx67TiJJPuPmpnCL2N6o=
last-modified
Wed, 28 Mar 2018 13:00:23 GMT
server
cloudflare
etag
W/"f402b801c78bd1911de9e16af506b979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
cf-ray
4eced95e6fa1d6dd-FRA
expires
Thu, 27 Jun 2019 11:30:25 GMT
jTxiSeMj.min.js
scripts.demandbase.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/jTxiSeMj.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.214 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-214.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c9254715ba595a1e0e29fd31826a11a21dcfcb9aedde1155cdb5f5f81ba38d5

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ELS4p3ASSMUI2R19s2LrcbB6bQrVkJ2Q
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 18:41:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
date
Wed, 26 Jun 2019 03:13:57 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
BK3DuNA35FS8KQlzF0366qNk-CkcJxmpT6TOzunvf1bpCivztFyGOA==
via
1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront)
insight.min.js
snap.licdn.com/li.lms-analytics/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=79834
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:25 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified
Mon, 29 Oct 2018 18:54:48 GMT
Server
PardotServer
ETag
"13e7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1817
Expires
Fri, 25 Jun 2021 11:30:25 GMT
43d051c3eef2.js
w.usabilla.com/ Frame 1D04 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/43d051c3eef2.js?lv=1
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.94.188 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-94-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
231689e9f8e2c81d3ca91b6b031935bb9d8f070b57a3580c479d0ffb5a1e57a8

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"758c206832ebe509a18dc595a48f7f49"
content-type
text/javascript
status
200
cache-control
public,max-age=0
content-length
10457
ip.json
api.company-target.com/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&page=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&page_title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&key=a8cb2c9b2d96cb0beed4a0cd63c66c7a&src=tag
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/jTxiSeMj.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-75.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
5ac894538abeaec31a9e7e00750c8dc45b8e3065138ef038c485c2a686bc827b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/you-have-been-phished-vit
Origin
https://www.varian.com

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53
x-cache
Miss from cloudfront
status
200
access-control-max-age
1728000
request-id
f2e5e476-1cd9-4157-9b83-05f4ae62062b
content-length
570
x-amz-cf-id
iQ78LvzvbTvf-CEystEgVKOKOmgns-bas3z139iek10XrhtdLlcbDQ==
pragma
no-cache
access-control-allow-origin
https://www.varian.com
server
nginx
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 b2eb119180a1f499dade55aa4e26c619.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source
STANDARD
expires
Tue, 25 Jun 2019 11:30:25 GMT
log
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ
26 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.125 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-125.fra53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:26 GMT
Via
1.1 e8929a64b6920fabf88f772b8cd0125c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
26
X-Amz-Cf-Id
x_1mgZwoadPqyNJCCurPRBR3D7UQJDxslT79Iy2I1XYfAEJQNcfNZw==

Redirect headers

location
https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ
Date
Wed, 26 Jun 2019 11:30:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
464526.gif
id.rlcdn.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
78.92.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 google
alt-svc
clear
/
px.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561548625676%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phishe...
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
0
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:26 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
Xnvebze8qxUAwg+uNisAAA==

Redirect headers

date
Wed, 26 Jun 2019 11:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-edc2
content-length
20
x-li-uuid
dPeNwzO8qxXg6RH5hCsAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 6D76 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-144.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f532e06ce3c3b7df87c829a48ca396d73d782d815b23638de1b2fd6764ef1d6a

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 05:40:01 GMT
Via
1.1 a9e1c5fff6a2739d3f7026c216819292.cloudfront.net (CloudFront)
Last-Modified
Mon, 30 Oct 2017 13:57:07 GMT
Server
AmazonS3
Age
4513824
ETag
"3714f7c9eb6a13e2258af0815eeb493a"
X-Cache
Hit from cloudfront
x-amz-version-id
8DnKtE0mPJwCIzbGtGGO3_kx_75aW1WZ
Cache-Control
max-age=315360000, no-transform, public
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1731
X-Amz-Cf-Id
a_4n84aJMjB-LUX-S-xo0aW9K9VqAhOmf0w25GSxSQ6d1UTII-MmLQ==
image.aspx
us2.siteimprove.com/ 		34 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us2.siteimprove.com/image.aspx?url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&ref=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&res=1600x1200&accountid=6121624&rt=999&prev=1561548625792&luid=75eb6ecf-8cf0-d0df-3c6c-fd7968106c8c&rnd=93271
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.52.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-194-52-254.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:21 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="NOI OUR IND COM NAV INT"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
34
Expires
Wed, 26 Jun 2019 11:29:22 GMT
v1.7-2
consent.trustarc.com/asset/notice.js/v/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-2
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=varian.com&c=teconsent&js=bb&noticeType=bb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee50c67d5eceaa52cd7a377d69af2dac37a554cc572d53ab22c38598bfeb63c2
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/you-have-been-phished-vit
Origin
https://www.varian.com

Response headers

pragma
public
date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
last-modified
Mon, 17 Jun 2019 07:12:11 GMT
server
nginx
access-control-allow-origin
*
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=2592000
expires
Fri, 26 Jul 2019 11:30:25 GMT
/
consent-pref.trustarc.com/ Frame 90F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.143.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-143-230.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.varian.com/you-have-been-phished-vit
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.varian.com/you-have-been-phished-vit

Response headers

status
200
date
Wed, 26 Jun 2019 11:30:26 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
etag
W/"5700-1558354312000"
last-modified
Mon, 20 May 2019 12:11:52 GMT
content-encoding
gzip
get
consent.trustarc.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=trustarc_cookiepreferences.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4b0e644f809d6096b56f9e2c923959b6851fa72a59e5eeddfd2534e8ec38a114
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Wed, 26 Jun 2019 11:30:25 GMT
server
nginx
access-control-allow-origin
*
x-frame-options
ALLOWALL
content-type
image/png
status
200
cache-control
max-age=2592000
content-length
2016
expires
Fri, 26 Jul 2019 11:30:25 GMT
get
consent.trustarc.com/ 		95 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=transparent.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Wed, 26 Jun 2019 11:30:25 GMT
server
nginx
access-control-allow-origin
*
x-frame-options
ALLOWALL
content-type
image/png
status
200
cache-control
max-age=2592000
content-length
95
expires
Fri, 26 Jul 2019 11:30:25 GMT
noticemsg
consent.trustarc.com/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=varian.com&behavior=expressed&country=de&language=en&rand=0.9915573109333453
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 11:30:25 GMT
server
nginx
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache
content-length
43
expires
Wed, 26 Jun 2019 11:30:24 GMT
get
consent.trustarc.com/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=trans.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Wed, 26 Jun 2019 11:30:25 GMT
server
nginx
access-control-allow-origin
*
x-frame-options
ALLOWALL
content-type
image/png
status
200
cache-control
max-age=2592000
content-length
923
expires
Fri, 26 Jul 2019 11:30:25 GMT
analytics
pi.pardot.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=53018&account_id=31902&title=You%20have%20been%20phished%20by%20VIT!%20%7C%20Varian%20Medical%20Systems&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&referrer=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
58ebb199c05b754925a940b79fde8827a3547277725f61ae9019169e8dc5425e

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2019 11:30:26 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp
16/65/119
Vary
Accept-Encoding,User-Agent
P3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
797
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.hr-internal.co
URL
http://www.hr-internal.co:49152/alt_pixel_click_e0caa67cdf.gif?correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570
Domain
tslp.s3.amazonaws.com
URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=e0caa67cdf&correlation_id=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask undefined| $ function| jQuery object| Drupal object| jQuery1102036573806553296095 string| GoogleAnalyticsObject function| ga function| _typeof object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| lightningjs function| usabilla_live string| _linkedin_partner_id object| _linkedin_data_partner_ids string| piAId string| piCId string| piHostname object| google_tag_manager function| __extends object| Demandbase object| __db function| DBSegment function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called object| _sz function| _truste_eumap object| truste function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piEnableTracking function| piDisableTracking function| piResponse

6 Cookies

Domain/Path Name / Value
.varian.com/ Name: _gid
Value: GA1.2.1249190981.1561548625
www.varian.com/ Name: adaptive_image
Value: 1600
.varian.com/ Name: _gat
Value: 1
.varian.com/ Name: _gcl_au
Value: 1.1.1471752702.1561548626
www.varian.com/ Name: has_js
Value: 1
.varian.com/ Name: _ga
Value: GA1.2.148475335.1561548625

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
api.company-target.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent-pref.trustarc.com
consent.trustarc.com
consent.truste.com
d2wy8f7a9ursnm.cloudfront.net
d6tizftlrpuof.cloudfront.net
id.rlcdn.com
java.com
match.prod.bidr.io
notify.bugsnag.com
pi.pardot.com
px.ads.linkedin.com
scripts.demandbase.com
segments.company-target.com
siteimproveanalytics.com
snap.licdn.com
tslp.s3.amazonaws.com
us2.siteimprove.com
w.usabilla.com
www.google-analytics.com
www.googletagmanager.com
www.hr-internal.co
www.linkedin.com
www.varian.com
tslp.s3.amazonaws.com
www.hr-internal.co
151.101.38.133
152.199.19.160
2606:4700:20::6819:8a76
2606:4700::6813:c697
2620:109:c002::6cae:a0a
2a00:1450:4001:814::200e
2a00:1450:4001:815::200a
2a00:1450:4001:81a::2008
2a02:26f0:6c00:28c::25ea
2a02:26f0:f1:281::196
2a04:4e42::621
2a05:f500:11:101::b93f:9005
34.194.52.254
34.248.190.238
34.95.92.78
35.186.205.6
52.208.178.139
52.21.178.134
52.211.94.188
52.213.63.19
52.222.149.144
52.222.149.64
52.222.157.125
52.222.157.214
52.222.157.75
52.31.150.82
54.72.143.230
54.76.203.99
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
1c9254715ba595a1e0e29fd31826a11a21dcfcb9aedde1155cdb5f5f81ba38d5
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
231689e9f8e2c81d3ca91b6b031935bb9d8f070b57a3580c479d0ffb5a1e57a8
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a
2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd
39d78049b553bf7900010de8b76ebb17c7bd5b885ff4f432365c85ab9694329d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b
4811efd696ea2d6877a357cd875b59848221d215a12e1f2fe5407a0dae43518c
4b0e644f809d6096b56f9e2c923959b6851fa72a59e5eeddfd2534e8ec38a114
4b1fe8343e20efd635f8686a576fbf1179c21e5e20344e684c4de38649a9f90a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
58ebb199c05b754925a940b79fde8827a3547277725f61ae9019169e8dc5425e
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
5ac894538abeaec31a9e7e00750c8dc45b8e3065138ef038c485c2a686bc827b
5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483
62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510
6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f
77b4a3f56116e4faabbe3bdaa79755afb2ff75fd1afdcd2bbddeda531f29f5c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8811a5e2337b921c7c4aebe8000a1b82cabd24c1f5c50873c57067558cf3eaf7
8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2
93f28432edd5197c0a4b4bae5953e57c0179bcd1cb8941c7ab564aaa1642518c
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
c5d155a87e3dbc7c782700ecdbd7afa57930358aa98dfcc52e9ef317e6f3c3f6
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb
da301bacb049c1300be61603ed1bbab216c9c2c089c89ad65bc14571a5ccb1bf
de34321911a0a0b5b2851763a4db240ccb40ecda6507c798d2463f4b1c26235d
e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b
e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1
e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606
e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372
ebecf9d1791ce8bc2c1c11bd9a41b0030c20874d5a01571dd3c1d0d32978e1f3
edba6d4362d8932fef1145d56e534e6746d379187b36eefc6b409764135ef242
ee50c67d5eceaa52cd7a377d69af2dac37a554cc572d53ab22c38598bfeb63c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef253b4fecc2d7667e7c5039fdb44dc14b0a34b42d5ccda9fd6e3a761973429e
f532e06ce3c3b7df87c829a48ca396d73d782d815b23638de1b2fd6764ef1d6a
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fcbe798451bb65737d70860b3296282cba11e22a39c82c56110974d2f7ade4a0
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c