login.hr-internal.co Open in urlscan Pro
54.72.169.193  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://login.hr-internal.co/ Page URL
2. https://login.hr-internal.co/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	202	/ Show response login.hr-internal.co/	2 KB 2 KB	276ms 97ms	Document text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash b40eca426c409ea6c26c2506b54092a1798fe3e440da0c7c2700d80afbd8d527 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-methods OPTIONS,GET,POST access-control-allow-origin * access-control-max-age 86400 cache-control no-store, max-age=0 content-length 1991 content-type text/html; charset=UTF-8 date Mon, 21 Oct 2024 18:50:25 GMT server awselb/2.0 x-amzn-waf-action challenge
GET H2	200	challenge.js Show response d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com/d52dbd6654f2/dbd80742a9c9/36e1b52fdbc4/	1 MB 286 KB	338ms 176ms	Script text/javascript	13.32.27.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com/d52dbd6654f2/dbd80742a9c9/36e1b52fdbc4/challenge.js Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-111.fra56.r.cloudfront.net Software / Resource Hash fe721a24c7021434977a8b839dfdf8bf31f9b2d527630590375f40a939313455 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-amz-cf-pop FRA56-C2 cache-control private, max-age=86400, stale-while-revalidate=604800 content-encoding gzip pragma no-cache via 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront) expires 0 alt-svc h3=":443"; ma=86400 x-amzn-waf-challenge-id Root=1-6716a271-4ad833be03a3c04c0b2c5f64 x-cache Miss from cloudfront x-amz-cf-id PrjOuPn17IIh9g7r6S1A-EOnNebul9H3vMVo5xrfKqMacCDdtW2Ouw== date Mon, 21 Oct 2024 18:50:25 GMT content-type text/javascript vary Accept-Encoding last-modified Mon, 21 Oct 2024 18:50:25 +0000
GET H2	202	favicon.ico login.hr-internal.co/	0 212 B	80ms 80ms	Other text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST access-control-allow-origin * content-length 0 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html; charset=UTF-8 server awselb/2.0 x-amzn-waf-action challenge
POST H3	200	verify Show response d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com/d52dbd6654f2/dbd80742a9c9/36e1b52fdbc4/	308 B 655 B	230ms 163ms	Fetch application/json	13.32.27.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com/d52dbd6654f2/dbd80742a9c9/36e1b52fdbc4/verify Requested by Host: d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com URL: https://d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com/d52dbd6654f2/dbd80742a9c9/36e1b52fdbc4/challenge.js Protocol H3 Security QUIC, , AES_128_GCM Server 13.32.27.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-111.fra56.r.cloudfront.net Software / Resource Hash d689cb2f88d69231d507c77b68d9ef96c57933d12e5a13755dd640d0ef9b1918 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://login.hr-internal.co/ Response headers x-cache Miss from cloudfront access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods OPTIONS,GET,POST via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) expires 0 alt-svc h3=":443"; ma=86400 access-control-allow-origin * content-length 308 x-amz-cf-id nw9nQBGqiFQ-YILT-1sz4nXQupQhD92Ye6TljIrezLkdMZ2q-wzeWA== date Mon, 21 Oct 2024 18:50:26 GMT content-type application/json x-amzn-waf-challenge-id Root=1-6716a272-74c1ff9934b7fe26225f7b53 x-amz-cf-pop FRA56-C2
GET H2	200	Primary Request / Show response login.hr-internal.co/	2 KB 2 KB	76ms 75ms	Document text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/ Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash c0623a98220d6586761a01bc71f85279d1893f40e75400864b0f9048bc2b0bfe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.hr-internal.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Mon, 21 Oct 2024 18:50:26 GMT etag W/"c0623a98220d6586761a01bc71f85279" referrer-policy strict-origin-when-cross-origin server ThreatSim-Web-Server vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-host-info lw-prod-eu-i-0eba57e3d99218129 ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 x-permitted-cross-domain-policies none x-request-id 886bae4a-3354-4bc5-9018-fd5d636279c8 x-runtime 0.002205 x-xss-protection 1; mode=block
GET H2	200	jquery.min.js Show response login.hr-internal.co/assets/ajax/libs/jquery/1.11.0/	94 KB 33 KB	157ms 157ms	Script application/javascript	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers cache-control max-age=315360000, public content-encoding gzip expires Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin * date Mon, 21 Oct 2024 18:50:26 GMT content-type application/javascript last-modified Mon, 23 Sep 2024 12:18:52 GMT vary Accept-Encoding server ThreatSim-Web-Server
GET H2	200	psat_logo.png login.hr-internal.co/assets/	11 KB 10 KB	156ms 155ms	Image image/png	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/assets/psat_logo.png Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash 313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers cache-control max-age=315360000, public content-encoding gzip expires Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin * date Mon, 21 Oct 2024 18:50:26 GMT content-type image/png last-modified Mon, 23 Sep 2024 12:19:01 GMT vary Accept-Encoding server ThreatSim-Web-Server
GET H2	200	all.js Show response login.hr-internal.co/assets/	28 KB 7 KB	74ms 74ms	Script application/javascript	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/assets/all.js?g=infopage Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers cache-control max-age=315360000, public content-encoding gzip expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes access-control-allow-origin * content-length 7191 date Mon, 21 Oct 2024 18:50:26 GMT content-type application/javascript last-modified Mon, 23 Sep 2024 12:18:52 GMT vary Accept-Encoding server ThreatSim-Web-Server
POST H2	200	browser_post Show response login.hr-internal.co/secure/	0 487 B	86ms 85ms	XHR image/gif	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/secure/browser_post Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.hr-internal.co/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept */* Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers x-request-id 40570124-ee4a-4b0a-823d-4f5ca3c1414a content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type image/gif; charset=utf-8 vary Accept-Encoding, Accept x-runtime 0.004103 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	91ms 84ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id c7953856-44ed-490b-9803-7e728a32230c content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002484 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	89ms 82ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 1846c841-7b5e-4090-b8f3-0bf50eb4098c content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002807 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 468 B	87ms 80ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 637a1e45-fd85-43ff-968f-8fc376329726 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001841 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	89ms 83ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 92a71e25-c317-4cfc-9cb1-cef99114ff87 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001938 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 466 B	91ms 84ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20browser_version%20%3D%20129&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id b1e58c71-f1ed-41e6-a670-e52e2bb25cbe content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002949 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	87ms 81ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id c0acf57b-7702-4ab2-8960-d3f3fcb70fa1 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001617 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	88ms 82ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id daea08e8-69af-42ce-9fda-80deb7274692 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002297 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 170ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20language%20%3D%20es-ES&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 888ec7c3-d0d2-48c6-a3fd-41b5d0876166 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002262 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	175ms 169ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 9092bc08-a77b-47c9-9ff3-bee2ade513e0 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002146 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	178ms 173ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id b1fe35bb-f366-4ad2-8654-23aeab7ab4be content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002266 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 170ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 1648e672-545c-40fc-b26c-99cab8d846d3 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002306 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 466 B	178ms 172ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 5e1062c1-4c56-44f9-be04-88011463c22e content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002449 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 171ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id bac53123-bf4e-423d-b4b9-9ca2e5d7cb5d content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002377 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	173ms 168ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 6d81c6f3-2fb5-4383-86b0-589fd1cec3aa content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001969 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	174ms 169ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id e8a76462-1b65-4186-867f-5c3d735a2499 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001944 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	181ms 176ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id c2aad903-e5b0-40c8-9e56-97f8802d904f content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001499 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	log login.hr-internal.co/	0 477 B	180ms 175ms	Image image/gif	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/log?id=infopage&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 78b7ec9d-22d5-46b0-968e-37373aa794da content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type image/gif; charset=utf-8 vary Accept-Encoding x-runtime 0.001398 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	179ms 175ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Skipping%20java%20detection&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id a9adac26-5bca-4337-bc37-996e44d07dfd content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002056 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	180ms 176ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20flash%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id ca382a67-0785-42fa-82d2-cbde17e24db4 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001346 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	log login.hr-internal.co/	0 477 B	177ms 173ms	Image image/gif	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/log?id=infopage&sev=1&msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27getVersion%27)&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 9bfcdbdd-fd21-459d-87d1-9b25f7e6f31c content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type image/gif; charset=utf-8 vary Accept-Encoding x-runtime 0.002515 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	177ms 174ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20pdf%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 6934917b-b295-4df6-ad07-6591350cc4e2 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002130 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 173ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20quicktime%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 450dd051-7285-4fd5-8e3d-7af097998200 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001912 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	174ms 172ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20RealPlayer%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 3b6511b0-946d-4d49-8e0b-241bc60f3476 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001644 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 174ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20Silverlight%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 3c45b6e0-1170-48d9-a33a-26fa747151d1 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-00306423ebc8d2a42, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002105 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	176ms 174ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 3122a5f0-cf1d-482f-bddb-ed3b4347c39e content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0993f4c0e0a43a099, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002495 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 468 B	175ms 173ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=redirect_url%20is%20undefined&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 7f41962f-7146-4299-b0b7-3278ff488fb6 content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0896fd8acd2a51750, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.002094 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	trace login.hr-internal.co/	0 467 B	96ms 94ms	Image text/html	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.hr-internal.co/trace?id=infopage&msg=browser_post_successful&correlation_id=undefined Requested by Host: login.hr-internal.co URL: https://login.hr-internal.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers x-request-id 412f77e0-b34c-4c54-887a-82caa265647d content-encoding gzip x-permitted-cross-domain-policies none x-content-type-options nosniff x-host-info lw-prod-eu-i-0eba57e3d99218129, ; f2b5de6fff38e7dd7ac15e124f070d93bb1446d3 date Mon, 21 Oct 2024 18:50:26 GMT content-type text/html vary Accept-Encoding x-runtime 0.001124 x-frame-options SAMEORIGIN cache-control no-cache referrer-policy strict-origin-when-cross-origin x-download-options noopen access-control-allow-origin * x-xss-protection 1; mode=block server ThreatSim-Web-Server
GET H2	200	favicon.ico login.hr-internal.co/	0 160 B	79ms 79ms	Other image/x-icon	54.72.169.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.hr-internal.co/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.169.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-169-193.eu-west-1.compute.amazonaws.com Software ThreatSim-Web-Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.hr-internal.co/ Response headers etag "66f15cac-0" accept-ranges bytes access-control-allow-origin * content-length 0 date Mon, 21 Oct 2024 18:50:26 GMT content-type image/x-icon last-modified Mon, 23 Sep 2024 12:18:52 GMT server ThreatSim-Web-Server

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| do_not_detect_java string| tracking_id function| $ function| jQuery object| BrowserDetect object| $_GET function| log_error function| log_to_console function| log_message boolean| fingerprinted function| strip function| secureSubmitWithGuid function| secureSubmit function| findUsername function| checkPassword function| secureLogAndRedirect function| sendFingerprint function| imageSender function| sendIndividually function| loadAllInfo object| local_addresses function| redirector function| rewriteLinks function| isFormValid

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.login.hr-internal.co/	1970-01-21 00:31:22	Name: aws-waf-token Value: d99ae76a-4baa-453f-82ac-a9ca995af5b2:CgoAo26DfXcwAAAA:3RgdBUbkg37nweflfjqOYxhu6rcL0fPTlTxHvI5LvHhi7slh3FrBK85yrHz8nbte4b7URmo5FlFQDa8xntFnnh/KXbyrW/Bv87SGjy2omRpYPwrjsD+KWk5bpNuGgVSSwvFAQfjI48q1hYzSwGbNbRpqkWa3J48pyxlsqH0EXk+JjK8LQ/h8MtCNqLSUsF+MKNDgz9QCs+8ahmI1l3lnx5GkdwHjfM/Pvg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d52dbd6654f2.2bdc12a2.eu-west-1.token.awswaf.com
login.hr-internal.co
13.32.27.111
54.72.169.193
313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b40eca426c409ea6c26c2506b54092a1798fe3e440da0c7c2700d80afbd8d527
c0623a98220d6586761a01bc71f85279d1893f40e75400864b0f9048bc2b0bfe
d689cb2f88d69231d507c77b68d9ef96c57933d12e5a13755dd640d0ef9b1918
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe721a24c7021434977a8b839dfdf8bf31f9b2d527630590375f40a939313455