Submitted URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Effective URL: https://www.varian.com/you-have-been-phished-vit
Submission: On June 26 via manual from SG

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 114 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.
This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.31.150.82 16509 (AMAZON-02)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 52.222.149.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.205.6 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 34.248.190.238 16509 (AMAZON-02)
38 151.101.38.133 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a04:4e42::621 54113 (FASTLY)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.208.178.139 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.157.214 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.21.178.134 14618 (AMAZON-AES)
1 52.211.94.188 16509 (AMAZON-02)
1 52.222.157.75 16509 (AMAZON-02)
2 2 52.213.63.19 16509 (AMAZON-02)
1 52.222.157.125 16509 (AMAZON-02)
1 34.95.92.78 15169 (GOOGLE)
2 3 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:109:c002... 14413 (LINKEDIN)
1 52.222.149.144 16509 (AMAZON-02)
1 34.194.52.254 14618 (AMAZON-AES)
5 54.76.203.99 16509 (AMAZON-02)
1 54.72.143.230 16509 (AMAZON-02)
114 27
Domain Requested by
38 www.varian.com www.varian.com
ajax.aspnetcdn.com
32 www.hr-internal.co www.hr-internal.co
ajax.googleapis.com
5 consent.trustarc.com consent.truste.com
4 cdn.jsdelivr.net www.varian.com
4 www.google-analytics.com www.hr-internal.co
www.varian.com
3 px.ads.linkedin.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pi.pardot.com www.varian.com
pi.pardot.com
2 cdnjs.cloudflare.com www.varian.com
1 consent-pref.trustarc.com consent.trustarc.com
1 us2.siteimprove.com
1 d6tizftlrpuof.cloudfront.net www.varian.com
1 www.linkedin.com 1 redirects
1 id.rlcdn.com
1 segments.company-target.com
1 api.company-target.com scripts.demandbase.com
1 w.usabilla.com www.varian.com
1 snap.licdn.com www.varian.com
1 scripts.demandbase.com www.varian.com
1 siteimproveanalytics.com www.varian.com
1 consent.truste.com www.varian.com
1 www.googletagmanager.com www.varian.com
1 ajax.aspnetcdn.com www.varian.com
1 notify.bugsnag.com www.hr-internal.co
1 ajax.googleapis.com www.hr-internal.co
1 d2wy8f7a9ursnm.cloudfront.net www.hr-internal.co
1 java.com www.hr-internal.co
0 tslp.s3.amazonaws.com Failed www.hr-internal.co
114 28
Subject Issuer Validity Valid
www.java.com
DigiCert ECC Extended Validation Server CA
2018-02-21 -
2020-02-21
2 years crt.sh

1970-01-01 -
1970-01-01
a few seconds crt.sh
*.bugsnag.com
COMODO RSA Domain Validation Secure Server CA
2018-05-18 -
2020-06-01
2 years crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-06-11 -
2019-09-03
3 months crt.sh
varian.com
DigiCert SHA2 Secure Server CA
2018-10-02 -
2019-10-03
a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-02 -
2019-09-08
6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh
*.truste.com
Go Daddy Secure Certificate Authority - G2
2018-01-26 -
2021-03-06
3 years crt.sh
ssl379359.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-05-27 -
2019-12-03
6 months crt.sh
*.demandbase.com
Go Daddy Secure Certificate Authority - G2
2018-09-20 -
2020-11-19
2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.pardot.com
DigiCert SHA2 Secure Server CA
2019-01-21 -
2020-01-22
a year crt.sh
w.usabilla.com
Amazon
2019-05-08 -
2020-06-08
a year crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2
2017-08-18 -
2019-08-18
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year crt.sh
*.siteimprove.com
DigiCert SHA2 Secure Server CA
2018-01-03 -
2020-03-11
2 years crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2017-07-18 -
2020-07-17
3 years crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 8029AE2E707E98E86E491C8201FA41D7
Requests: 111 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 1D04E3B9EE8EDC0017E14D22D18F03B0
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: 6D7675B280F25345D267799A44DCF74C
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: 90F8513F505C1D37D8C3466048F154BF
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /ATS\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

114
Requests

62 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

27
IPs

5
Countries

1278 kB
Transfer

2611 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hr-internal.co/Compensation/e0caa67cdf?l=10 Page URL
  2. https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 46
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Request Chain 47
  • http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Request Chain 101
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAIdOk66Jq8AABbEFq2vNQ
Request Chain 103
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561548625676%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1561548625676&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

114 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set e0caa67cdf
www.hr-internal.co/Compensation/
4 KB
2 KB
Document
General
Full URL
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
4b1fe8343e20efd635f8686a576fbf1179c21e5e20344e684c4de38649a9f90a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.hr-internal.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Jun 2019 11:30:06 GMT
ETag
W/"c384d8159d736b37260a5f2ec968edaf"
Server
ThreatSim-Web-Server
Set-Cookie
EXFILGUID=e0caa67cdf; path=/ link_clicked_e0caa67cdf=1; path=/
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Request-Id
f83871d8-9799-48db-96e8-9499c5949ec4
X-Runtime
0.008509
X-XSS-Protection
1; mode=block
Content-Length
948
Connection
keep-alive
alt_pixel_click_e0caa67cdf.gif
www.hr-internal.co/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
0
0

java.js
tslp.s3.amazonaws.com/detect/
0
0

deployJava.js
java.com/js/
18 KB
18 KB
Script
General
Full URL
https://java.com/js/deployJava.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f1:281::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Oracle-HTTP-Server /
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:06 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
18444
x-xss-protection
1
mdt-type
abinary;charset=UTF-8
last-modified
Fri, 07 Jul 2017 23:29:07 GMT
server
Oracle-HTTP-Server
x-frame-options
SAMEORIGIN
x-oracle-dms-ecid
005Kza_iK0l9Tcw70Fj8EF0003jI005QfZ
content-type
application/javascript
expires
Thu, 27 Jun 2019 11:30:06 GMT
cache-control
max-age=86400
x-oracle-dms-rid
0:1
flash.js
tslp.s3.amazonaws.com/detect/
0
0

pdf.js
tslp.s3.amazonaws.com/detect/
0
0

quicktime.js
tslp.s3.amazonaws.com/detect/
0
0

realplayer.js
tslp.s3.amazonaws.com/detect/
0
0

silverlight.js
tslp.s3.amazonaws.com/detect/
0
0

wmp.js
tslp.s3.amazonaws.com/detect/
0
0

bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.222.149.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
294268
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
8qCWmBxM_XHgx3SVBGgVHQpNfZIOxS7hg1vPugOwJ81OeZ8PyOwNSg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 04:33:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
2098570
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33018
X-XSS-Protection
0
Expires
Mon, 01 Jun 2020 04:33:56 GMT
google-tracking.js
www.hr-internal.co/assets/
455 B
707 B
Script
General
Full URL
http://www.hr-internal.co/assets/google-tracking.js?g=e0caa67cdf
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2019 20:27:12 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
www.hr-internal.co/assets/
28 KB
8 KB
Script
General
Full URL
http://www.hr-internal.co/assets/all.js?g=e0caa67cdf
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
edba6d4362d8932fef1145d56e534e6746d379187b36eefc6b409764135ef242

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 11:30:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jun 2019 13:15:03 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7344
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
notify.bugsnag.com/
0
110 B
Image
General
Full URL
https://notify.bugsnag.com/js?notifierVersion=2.5.0&apiKey=dfe0bf684022c9c6cd5177bd22c32dc4&projectRoot=http%3A%2F%2Fwww.hr-internal.co&context=%2FCompensation%2Fe0caa67cdf&metaData%5Btarget%5D%5Bguid%5D=e0caa67cdf&metaData%5Btarget%5D%5Bcampaign_guid%5D=c2add3b833&metaData%5Btarget%5D%5Btest_mode%5D=false&metaData%5Btarget%5D%5Bredirect_url%5D=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&metaData%5Btarget%5D%5Boutside_window%5D=false&metaData%5Btarget%5D%5Bjava_detection%5D=true&metaData%5Btarget%5D%5Bsilverlight_detection%5D=true&metaData%5Btarget%5D%5Bquicktime_detection%5D=true&metaData%5Btarget%5D%5Badobe_flash_detection%5D=true&metaData%5Btarget%5D%5Bwmp_detection%5D=true&metaData%5Btarget%5D%5Badobe_pdf_detection%5D=true&metaData%5Btarget%5D%5Brealplayer_detection%5D=true&metaData%5Btarget%5D%5Bcorrelation_id%5D=f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570&metaData%5Btarget%5D%5Bbase_post_url%5D=https%3A%2F%2Fdataentry.eu.threatsim.com&metaData%5Bscript%5D%5Bsrc%5D=&metaData%5Bscript%5D%5Bcontent%5D=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.plugin_detector%20%20%3D%20PluginDetect%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.console_debug%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.guid%20%20%20%20%20%20%20%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.test_mode%20%20%20%20%20%20%20%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.tracking_id%20%20%20%20%20%20%3D%20%22e0caa67cdf%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20window.correlation_id%20%20%20%3D%20%22f54acaf9-bfda-4dcf-b4f0-3a4a6a4f7570%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20window.redirect_url%20%20%3D%20%22https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit%22%3B%20%20%20%20%20%20%20%20%20%20%20%20window.base_post_url%20%3D%20%22https%3A%2F%2Fdataentry.eu.threatsim.com%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20&releaseStage=production&appVersion=dffc383c1c13270b269aced2e033d64e2b1c81a4&url=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=en-US&severity=error&name=ReferenceError&message=Uncaught%20ReferenceError%3A%20PluginDetect%20is%20not%20defined&stacktrace=ReferenceError%3A%20PluginDetect%20is%20not%20defined%0A%20%20%20%20at%20http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10%3A44%3A41&file=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&lineNumber=44&columnNumber=41&payloadVersion=2&ct=img&cb=1561548623080
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.205.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
6.205.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:23 GMT
via
1.1 google
access-control-allow-origin
*
content-type
image/jpeg
status
200
bugsnag-event-id
5d13574f0045f51da7410000
alt-svc
clear
content-length
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
165
date
Wed, 26 Jun 2019 11:27:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Wed, 26 Jun 2019 13:27:38 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002673
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f494de38-8fd0-4cb2-846b-4a39280e3604
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002689
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
44f36490-f619-4a6c-bfb4-9958da0ca09a
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003059
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
19d132a5-ba04-4118-9620-2efb4352bb81
browser_post
www.hr-internal.co/secure/
0
563 B
XHR
General
Full URL
http://www.hr-internal.co/secure/browser_post
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Origin
http://www.hr-internal.co
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime
0.008344
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2b9cad6d-4b72-4152-b526-f6170b7efa69
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002027
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
68b38668-5aa1-404b-bf29-01db1da0272b
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002937
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
57cfcc80-921a-4ff2-914c-642b284a8a7d
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003317
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
66e0b417-de0f-4dc6-9774-541f95bf2126
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.005562
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
3fb4cb75-7be7-4cea-8055-b7d059669623
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003593
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
78158287-eae9-4e46-80d9-cbf0364a1f8b
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002781
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4e0bb44a-e113-4559-9a03-d6f464d3d63e
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002616
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2d446526-72d2-4f61-a0df-45540346467b
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.006079
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
da7065fb-a319-4436-9f5e-40797ade4d5e
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001452
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
ee60bbc4-996a-44a3-8d50-2067281be50e
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002075
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
911c4559-0b41-45cb-97ae-1e9f8bd9bac9
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002325
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f12d918a-e97b-47e8-b14d-3d7a6cf67bf2
log
www.hr-internal.co/
0
563 B
Image
General
Full URL
http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002566
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
12d1ed81-9159-4369-8a04-90563933bdba
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001869
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
6658d586-13bd-43c9-aad5-e3cc70e003bc
log
www.hr-internal.co/
0
563 B
Image
General
Full URL
http://www.hr-internal.co/log?id=e0caa67cdf&sev=1&msg=Cannot%20read%20property%20%27getVersion%27%20of%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002899
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4c279b74-4f42-4dec-a18b-d49354b6fcb4
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001594
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
80da408f-23a4-48f6-9b32-be9c5d1790c8
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version_jres%20%3D%20unknown&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001998
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
774a2203-677f-4a55-bf89-2f4e44f54fdf
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=java_version%20%3D%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.004500
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
4522983a-3b25-4842-a4fd-251c5e77acfa
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20flash%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002419
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
1af21e16-b8d0-4fa1-8a1c-e1ea8acb1bd6
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20pdf%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003990
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
783bffc6-16dc-4f05-8fa9-eae0e5a0e066
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20quicktime%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002714
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
a293ce45-74b9-4015-b25b-a212355e6d69
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20RealPlayer%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002267
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
2d0e3b95-2212-4799-a9db-52ed7538fee6
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20Silverlight%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001407
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
73ee44ba-e055-4143-bcbd-ba3fa412098a
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001906
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
c910c2ab-9158-4182-bbf2-a8d5162ebc94
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=redirect_url%20is%20undefined&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002321
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-07f9f70d6eb4fa45e, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
f37f8c92-9e12-43a6-b606-8a91b3840dd4
trace
www.hr-internal.co/
0
564 B
Image
General
Full URL
http://www.hr-internal.co/trace?id=e0caa67cdf&msg=browser_post_successful&correlation_id=undefined
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
HTTP/1.1
Security
, ,
Server
34.248.190.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-190-238.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.001861
Date
Wed, 26 Jun 2019 11:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-eu-i-0417ea1d517861d5a, ; dffc383c1c13270b269aced2e033d64e2b1c81a4
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
X-XSS-Protection
1; mode=block
X-Request-Id
97ead52d-35a2-4936-868b-c890aac84d11
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...
35 B
124 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 11:30:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1783371878&gjid=1289000678&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&_r=1&z=1112162050
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
  • https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...
35 B
198 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Requested by
Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2019 03:54:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1064145
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j77&a=1436560980&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2Fe0caa67cdf%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=2113607341.1561548624&tid=UA-83403-17&_gid=35597598.1561548624&z=1106074112
Non-Authoritative-Reason
HSTS
Primary Request you-have-been-phished-vit
www.varian.com/
94 KB
15 KB
Document
General
Full URL
https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ebecf9d1791ce8bc2c1c11bd9a41b0030c20874d5a01571dd3c1d0d32978e1f3
Security Headers
Name Value
Strict-Transport-Security max-age=900
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.varian.com
:scheme
https
:path
/you-have-been-phished-vit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.hr-internal.co/Compensation/e0caa67cdf?l=10

Response headers

status
200
cache-control
public, max-age=10800
content-encoding
gzip
content-language
en
content-type
text/html; charset=utf-8
etag
"1561537334-1"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 26 Jun 2019 08:22:14 GMT
link
<https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-drupal-cache
HIT
x-frame-options
SAMEORIGIN
x-generator
Drupal 7 (https://www.drupal.org)
x-platform-server
i-052edb9d6808215c1
x-request-id
woguy5soffrs3tefz3n4rezg
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Wed, 26 Jun 2019 11:30:24 GMT
age
0
x-served-by
cache-iad2125-IAD, cache-ams21027-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
vary
Cookie, Accept-Encoding
strict-transport-security
max-age=900
content-length
15093
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
638533
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1046
x-request-id
ae3gqrzp3xih6jhid4lcum5i
x-served-by
cache-iad2141-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-416"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 03 Jul 2019 02:08:12 GMT
css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
1209188
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
3996
x-request-id
gjq2pkg5gvcxkuck3lz33xyo
x-served-by
cache-iad2141-IAD, cache-ams21027-AMS
last-modified
Tue, 14 May 2019 08:05:03 GMT
etag
"5cda76af-f9c"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 12 Jun 2019 11:37:05 GMT
css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
505463
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
1508
x-request-id
wojzw5gi44u42w4zenmezl7w
x-served-by
cache-iad2131-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-5e4"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
br
cf-cache-status
HIT
age
6182536
cf-ray
4eced95a0ff7d72d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-240a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 15 Jun 2020 11:30:24 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.035
css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/
687 B
482 B
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
505463
x-cache
HIT, HIT
status
200
x-cache-hits
6, 2
strict-transport-security
max-age=900
content-length
324
x-request-id
yz4wukdes353e4sx4a6yfg7f
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Thu, 13 Jun 2019 08:38:38 GMT
etag
"5d020b8e-144"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 04 Jul 2019 15:06:01 GMT
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
19740
x-served-by
cache-ams21036-AMS, cache-fra19127-FRA
etag
W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
3216
x-served-by
cache-ams21041-AMS, cache-fra19127-FRA
etag
W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/
675 KB
112 KB
Stylesheet
General
Full URL
https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
696580
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
strict-transport-security
max-age=900
content-length
114267
x-request-id
usgcv7ari2qvwlw34htcyj4u
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:44:00 GMT
etag
"5d07b540-1be5b"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1209600
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 02 Jul 2019 10:00:45 GMT
jquery-1.10.2.min.js
ajax.aspnetcdn.com/ajax/jQuery/
91 KB
32 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F47) /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
32915
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:49 GMT
server
ECAcc (frc/8F47)
etag
"80228f4cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-extend-3.4.0.js
www.varian.com/misc/
3 KB
2 KB
Script
General
Full URL
https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
37
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1416
x-request-id
uqkjyukueoiticskqexw3min
x-served-by
cache-iad2127-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-d57"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Tue, 25 Jun 2019 01:45:09 GMT
jquery.once.js
www.varian.com/misc/
3 KB
1 KB
Script
General
Full URL
https://www.varian.com/misc/jquery.once.js?v=1.2
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
39
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1135
x-request-id
evvve7sgbkz5wl5iinkeieqi
x-served-by
cache-iad2131-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-b9e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Thu, 20 Jun 2019 22:36:27 GMT
drupal.js
www.varian.com/misc/
20 KB
8 KB
Script
General
Full URL
https://www.varian.com/misc/drupal.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
7891
x-request-id
r56ifpld2l6r2czitclnfj4c
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:02 GMT
etag
W/"5d07b506-4efb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
bootstrap.min.js
cdn.jsdelivr.net/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS, HIT
status
200
date
Wed, 26 Jun 2019 11:30:24 GMT
content-length
9832
x-served-by
cache-ams21048-AMS, cache-fra19127-FRA
etag
W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fancyfiledelete.js
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/
265 B
332 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
122
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
193
x-request-id
hvglvuxkdsavcg6qeg6k7uwd
x-served-by
cache-iad2125-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-109"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
fancybox.js
www.varian.com/sites/all/modules/contrib/fancybox/
1 KB
536 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
110
x-cache
HIT, HIT
status
200
x-cache-hits
140, 1
strict-transport-security
max-age=900
content-length
403
x-request-id
mf5d5nsfgdrfkd3lchenruaf
x-served-by
cache-iad2128-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-454"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.fancybox.pack.js
www.varian.com/sites/all/libraries/fancybox/source/
23 KB
10 KB
Script
General
Full URL
https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
161
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
9692
x-request-id
56bgnimp5cyzqdkynwoe4mrs
x-served-by
cache-iad2130-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-5a5f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.mousewheel-3.0.6.pack.js
www.varian.com/sites/all/libraries/fancybox/lib/
1 KB
878 B
Script
General
Full URL
https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
122
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
724
x-request-id
yly7cnfl77evv3mxhmbcewv2
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-568"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.qtip.min.js
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/
43 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
br
cf-cache-status
HIT
age
6182557
cf-ray
4eced95a0ff9d72d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:25:16 GMT
server
cloudflare
etag
W/"5afd4a7c-ad08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 15 Jun 2020 11:30:24 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.022
views-bootstrap-carousel.js
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/
842 B
581 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
85
x-cache
HIT, HIT
status
200
x-cache-hits
182, 1
strict-transport-security
max-age=900
content-length
351
x-request-id
woaarzcyj27443k5ud4anzob
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-34a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
googleanalytics.js
www.varian.com/sites/all/modules/contrib/google_analytics/
6 KB
2 KB
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
106
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
2052
x-request-id
6viac3bkqdg7q7denpy55znc
x-served-by
cache-iad2133-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-1874"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
qtip.js
www.varian.com/sites/all/modules/contrib/qtip/js/
2 KB
997 B
Script
General
Full URL
https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
863
x-request-id
qgxyzjycf2mc6badfobzvyf4
x-served-by
cache-iad2146-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:03 GMT
etag
W/"5d07b507-8ce"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.hoverIntent.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
1 KB
801 B
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
91
x-cache
HIT, HIT
status
200
x-cache-hits
1, 15
strict-transport-security
max-age=900
content-length
591
x-request-id
galnumb6ffebwsxfdoizp35v
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-567"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.lazyload.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
3 KB
1 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
105
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
1294
x-request-id
qumnfukotr63mkfyuj7mb2ur
x-served-by
cache-iad2128-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-cf8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
jquery.isonscreen.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
451 B
464 B
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-05e86949aa238c1c7
age
104
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
283
x-request-id
2aiia4lsskwe543dyu2nhydk
x-served-by
cache-iad2151-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-1c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
ekko-lightbox.min.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
14 KB
5 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
104
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
4889
x-request-id
hkdwrae37gjvb6zlwpep6nzi
x-served-by
cache-iad2142-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-3934"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
varian.js
www.varian.com/sites/all/themes/varian_bootstrap/js/build/
44 KB
13 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
content-encoding
gzip
x-platform-server
i-0a340618b900f1e59
age
105
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
strict-transport-security
max-age=900
content-length
13009
x-request-id
jfhmsdcrqysvmaop2q3zzqzi
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
W/"5d07b508-af0a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
expires
Wed, 26 Jun 2019 08:10:04 GMT
logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/
20 KB
20 KB
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
20
x-cache
HIT, HIT
status
200
content-length
20386
x-request-id
czaoxwbxxnsorjytb3npvh22
x-served-by
cache-iad2138-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-4fa2"
strict-transport-security
max-age=900
content-type
image/png
expires
Fri, 21 Jun 2019 22:26:58 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
2, 1
lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/
42 B
196 B
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:24 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
144
x-cache
HIT, HIT
status
200
content-length
42
x-request-id
cjxsr4ps324hd24wifjrnkyq
x-served-by
cache-iad2132-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-2a"
strict-transport-security
max-age=900
content-type
image/gif
expires
Sun, 23 Jun 2019 17:20:09 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
phishing_small.jpg
www.varian.com/sites/default/files/
58 KB
58 KB
Image
General
Full URL
https://www.varian.com/sites/default/files/phishing_small.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
0
x-cache
MISS, MISS
status
200
content-length
59440
x-request-id
iocp5ecrjofi4at3hlpiixlb
x-served-by
cache-iad2135-IAD, cache-ams21027-AMS
last-modified
Mon, 27 Aug 2018 17:04:46 GMT
etag
"5b842f2e-e830"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Wed, 26 Jun 2019 11:35:25 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
0, 0
phish_circle.jpg
www.varian.com/sites/default/files/
16 KB
16 KB
Image
General
Full URL
https://www.varian.com/sites/default/files/phish_circle.jpg
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-052edb9d6808215c1
age
0
x-cache
MISS, MISS
status
200
content-length
16665
x-request-id
4w5537oiu3vfom7r5hcuv7za
x-served-by
cache-iad2145-IAD, cache-ams21027-AMS
last-modified
Mon, 27 Aug 2018 17:05:19 GMT
etag
"5b842f4f-4119"
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Wed, 26 Jun 2019 11:35:25 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
0, 0
logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/
23 KB
24 KB
Image
General
Full URL
https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
via
1.1 varnish, 1.1 varnish
x-platform-server
i-0a340618b900f1e59
age
144
x-cache
HIT, HIT
status
200
content-length
24014
x-request-id
mns7m7d5e6vvsemx3whldybb
x-served-by
cache-iad2130-IAD, cache-ams21027-AMS
last-modified
Mon, 17 Jun 2019 15:43:04 GMT
etag
"5d07b508-5dce"
strict-transport-security
max-age=900
content-type
image/png
expires
Tue, 25 Jun 2019 23:34:26 GMT
cache-control
max-age=300
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
bootstrap.js
www.varian.com/sites/all/themes/bootstrap/js/
10 KB
3 KB
Script
General
Full URL
https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptp54e
Requested by
Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.varian.com/you-have-been-phished-vit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 11:30:25 GMT
content-encoding
gzip
x-platform-server
i-052edb9d6808215c1
age
103
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
strict-transport-security
max-age=900
content-length
3142
x-request-id
zbzkjx3qunubfmm4tmn6o4ve