hsmcareers.info Open in urlscan Pro
188.114.97.9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786
Effective URL:
https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585
Submission: On December 18 via manual (December 18th 2023, 12:41:22 pm UTC) from IT — Scanned from IT

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 6 countries across 8 domains to perform 28 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is hsmcareers.info.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.

This is the only time hsmcareers.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	37.221.212.82 37.221.212.82	41075 (ATW-AS) (ATW-AS)
1 1	35.189.245.169 35.189.245.169	15169 (GOOGLE) (GOOGLE)
1 1	35.205.251.103 35.205.251.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.86.96.155 172.86.96.155	53667 (PONYNET) (PONYNET)
1 22	188.114.97.9 188.114.97.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.141.13 172.64.141.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.67.146 104.21.67.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
28	5

2 37.221.212.82 (Hatvan, Hungary) 1 redirects

ASN41075 (ATW-AS, HU)

klickme.gleeze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.189.245.169 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 169.245.189.35.bc.googleusercontent.com

twice-best.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.251.103 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.251.205.35.bc.googleusercontent.com

linkingroutes5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.86.96.155 (Staten Island, United States) 1 redirects

ASN53667 (PONYNET, US)
PTR: 172-86-96-155.static.cloudzy.com

www.visitorinformations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.97.9 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hsmcareers.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.141.13 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.67.146 (None, )

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hsmcareers.info 1 redirects hsmcareers.info	2 MB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 337702	4 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 344593	2 KB
2	gleeze.com 1 redirects klickme.gleeze.com	573 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	426 KB
1	visitorinformations.com 1 redirects www.visitorinformations.com	654 B
1	linkingroutes5.com 1 redirects linkingroutes5.com	753 B
1	twice-best.com 1 redirects twice-best.com	294 B
28	8

	Domain	Requested by
22	hsmcareers.info	1 redirects klickme.gleeze.com hsmcareers.info
3	virtualpushplatform.com	hsmcareers.info virtualpushplatform.com
2	pushvisit.xyz	virtualpushplatform.com
2	klickme.gleeze.com	1 redirects
1	use.fontawesome.com	hsmcareers.info
1	www.visitorinformations.com	1 redirects
1	linkingroutes5.com	1 redirects
1	twice-best.com	1 redirects
28	8

This site contains no links.

Subject Issuer	Validity	Valid
hsmcareers.info GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-13`	a year	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585
Frame ID: BC749DA67A31A966DFA6C28333BDEBFB
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Récompenses du sondage

Page URL History Show full URLs

http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786 Page URL
http://klickme.gleeze.com/track/c12317hOHST5304276RhEX5Knv2195KKxd2786 HTTP 302
https://twice-best.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195 HTTP 302
https://linkingroutes5.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195&ckmguid=d... HTTP 302
https://www.visitorinformations.com/B1Z33J/KKJW2S4/?sub2=344255062&source_id=3585 HTTP 302
https://hsmcareers.info/DYuZkSCWgk/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&... HTTP 302
https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

6
Countries

2138 kB
Transfer

2986 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786 Page URL
http://klickme.gleeze.com/track/c12317hOHST5304276RhEX5Knv2195KKxd2786 HTTP 302
https://twice-best.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195 HTTP 302
https://linkingroutes5.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195&ckmguid=d86940c3-0ed2-4fd4-a274-085ffc9a385c HTTP 302
https://www.visitorinformations.com/B1Z33J/KKJW2S4/?sub2=344255062&source_id=3585 HTTP 302
https://hsmcareers.info/DYuZkSCWgk/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 HTTP 302
https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	c12317hOHST5304276RhEX5Knv2195KKxd2786 klickme.gleeze.com/rd/	235 B 352 B	93ms 70ms	Document text/html	37.221.212.82 ATW-AS
General Check archive.org Show headers Download Go to Full URL http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786 Protocol HTTP/1.1 Server 37.221.212.82 Hatvan, Hungary, ASN41075 (ATW-AS, HU), Reverse DNS Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers Content-Length 235 Content-Type text/html; charset=utf-8 Date Mon, 18 Dec 2023 12:41:15 GMT
GET H2	200	Primary Request / Show response hsmcareers.info/ Redirect Chain http://klickme.gleeze.com/track/c12317hOHST5304276RhEX5Knv2195KKxd2786 https://twice-best.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195 https://linkingroutes5.com/?a=3585&oc=18770&c=50824&m=3&s1=11&s2=2786-12317&s3=5304276-5-2195&ckmguid=d86940c3-0ed2-4fd4-a274-085ffc9a385c https://www.visitorinformations.com/B1Z33J/KKJW2S4/?sub2=344255062&source_id=3585 https://hsmcareers.info/DYuZkSCWgk/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585	29 KB 6 KB	123ms 122ms	Document text/html	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Requested by Host: klickme.gleeze.com URL: http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `340e7d47c7b0ee18747f67299993fb1a904f06f1513bd45de035a55043181230` Request headers Referer http://klickme.gleeze.com/rd/c12317hOHST5304276RhEX5Knv2195KKxd2786 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83777aab88aa0da6-MRS content-encoding br content-type text/html date Mon, 18 Dec 2023 12:41:17 GMT last-modified Sat, 16 Dec 2023 22:21:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuC97QxzBs9bFotkhc39ceQcgDLr7x5%2FjuzpqAdVAgZzz80JX7RLe%2BEalQhhGWv5XToHmvYY0xQcPgPEdvZpHHNeiSFL5VPC5vT4ZtiMBHn4SwhZ0DR8cDnCc8lN%2BjQ2IDY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83777aaa8f360da6-MRS content-type text/html date Mon, 18 Dec 2023 12:41:17 GMT location https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbl25yOq1gbOZLKARcIGy6xQdBwk2GS1eIZFUwOyVaBuxdCIFJ%2B0BYfxb%2B73ytmTquR7MR7czvYa8%2FGJvPzKuowCjU26M%2BTyaZwI0sxu1ceHFT1ibvIZA%2B%2Fnl%2B9FjfcpywU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	style.css hsmcareers.info/css/	17 KB 4 KB	135ms 134ms	Stylesheet text/css	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hsmcareers.info/css/style.css Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0dda363b63a3ccd26b84c081a5212deab00504cabe723f805c43a9b63a0fed40` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 17:32:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3263233041" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YTOUrCGvrcBR1iY7wpPQwD0IxYjGx%2Bfm%2BcnvfKrJk%2BNNGok5yT%2BtUsZYQOgc41LnI7v7o933G9IBOw70M5HiX9oSYEEzBHPoBcXHf2UGYqx7eKrBAFS2VSxMnSdNXapfYs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cf-ray 83777aac5cb7ba8f-MXP alt-svc h3=":443"; ma=86400
GET H3	200	animate.min.css hsmcareers.info/css/	70 KB 6 KB	203ms 202ms	Stylesheet text/css	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hsmcareers.info/css/animate.min.css Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 28 Jun 2022 17:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1259793493" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44w6e0HaIxpgz%2FB6CBLpMHz2TIL1tBoc%2B7FfR0dHKKWp0VrKD2E4vT1g1g%2FdMwJFDQoOPwWClshDp0BODWcPJzr0ZM0EkxDJA97AkyT%2FQhDZiivR7QRtcipzF2kL6mj6KX0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cf-ray 83777aac5cbaba8f-MXP alt-svc h3=":443"; ma=86400
GET H2	200	all.js Show response use.fontawesome.com/releases/v5.15.4/js/	1 MB 426 KB	189ms 83ms	Script application/javascript	172.64.141.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/js/all.js Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers Referer https://hsmcareers.info/ Origin https://hsmcareers.info accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 253582 etag W/"5e29440867fdb02a48dffded02338c31" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuQE%2FVWNp0hzEB0TLAe5%2BK88bBpN8025N3UVlYQftK5isvNxB%2Bg00IkFgy6sBLtTI6ELoxom%2FIY0Tc7AIJeKfAmOYJvR2wBM0M1Y3hPOwdOOIhjjFBbgT9OccmT4PGnwnMTtNOuk"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31556926 cf-ray 83777aae6ede5c3c-AMS alt-svc h3=":443"; ma=86400
GET H3	200	datehead.js Show response hsmcareers.info/js/	2 KB 994 B	118ms 118ms	Script application/javascript	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hsmcareers.info/js/datehead.js Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a7c8cd7e91584a085baf5356fd9ab39bc3c671870e3786cbe33c3db256b5604` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 07 Feb 2023 18:51:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2135713445" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V8b20hPCWrBnUoDy%2BqfCc5Z1FpeTu8ArjEw%2BuevZTvo76ATvoybDxkEOiUS%2FvhqMCnC3atgHEdQloBa8pOWMBmd3m5XcObnDGfCYJBQf7KCzYGpAVEf4Gli2cJN8Vn%2B4VU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 83777aac5cbbba8f-MXP alt-svc h3=":443"; ma=86400
GET H2	200	ace-push.js Show response virtualpushplatform.com/	10 KB 4 KB	147ms 51ms	Script text/javascript	104.21.67.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/ace-push.js Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1374 cf-polished origSize=13415 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 10 Nov 2023 12:52:28 GMT server cloudflare etag W/"1da13d4c29e7a67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVKXZsAJG8m9dBW3MiMRNLxb7Fo6ngrp2mL3QXONWOK4SiVop0s0otitN4giehjNdQxHlHGW6GmV8aWMI6fbHv7oi5DT1DfmRd6uvy9gP5o9z2YecRybafXjem8R5%2B89kmuuj61N5dqnGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=3600 cf-ray 83777aacfbff73c3-MRS
GET H3	200	logo.png hsmcareers.info/images/	11 KB 12 KB	141ms 141ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/logo.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a9251f89a6881f12818f5828abe92a1394276147b5154deda045ad0896c48d3` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:06:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "165447634" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWR7qW1pZ0YTV1mScCYA8ef%2FwwHhz22s%2BBqxT7ppsPzxCW9LsjTmPEOTgTed0ThtUm2jRnjKoV6Te3afdu1E89u1jMlOBke6UZGFUJmqdPTNkWKxJZMzqFBgTbEj5UfNSn4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aac5cbcba8f-MXP alt-svc h3=":443"; ma=86400 content-length 11550
GET H3	200	flaglogo.png hsmcareers.info/images/	2 KB 3 KB	117ms 117ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/flaglogo.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34dec14054d91cc30a846052731bae860fb13fa5cbe2b62dc955930ed81ebb6c` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 03 Nov 2022 06:50:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1225021926" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56VAX6h5TSEtPlfbHbiCQxnVoQnPeXn3EJn7svwHqZn9iYmQdoQ%2Fd72uEIXucPrqFJZ6hEHIXmsky8GQ3Vs6iYlZhlXgtr%2Br0u7bpObD6Hq%2Fl0cwm%2B%2FuaAzPmPFWHOQgZps%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aac5cbdba8f-MXP alt-svc h3=":443"; ma=86400 content-length 2308
GET H3	200	product.png hsmcareers.info/images/	518 KB 519 KB	115ms 114ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/product.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0cdba2c922eda972c2f9a96abf69ca9f9ac0a4d9386e8de5b00c71ba4d15449` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:31:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2307865611" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djoqg04%2FgXm0bRniYCaKVcJLVIwKsWZbKcn9n23UrxmFZPAPBliWVaXU08DaIAFZtt8XN49pFK9ro0afb31kGU3YPxbxS2MGgGa3VD1pN%2B2JHc2gtV9GjoCynazTKGAHfDc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aad1dd3ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 530709
GET H3	200	loadingRD.gif hsmcareers.info/images/	121 KB 122 KB	200ms 200ms	Image image/gif	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/loadingRD.gif Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0bd0d5e70f48939d0f06dc174eabc2f89f8215cf23f22df0cecdfa4e3f648064` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:13:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3828094289" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0GmjD7mI6h1quv1oudmMN1Ftty2w1Rj1KqQT5jFdNJTmTB28VEXQQHYeqbY5FCOobuhxQKiMETA%2BktImcIFLP%2F7gRXBVn1anH0wrzyhO1PHy9aNT66DFwxw1wI1Ee6bLGM%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif accept-ranges bytes cf-ray 83777aad6e3aba8f-MXP alt-svc h3=":443"; ma=86400 content-length 124326
GET H3	200	prize1.png hsmcareers.info/images/	467 KB 467 KB	165ms 164ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/prize1.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4dfc10d7b7789510e5b20b85e582e4fca1a346c87473de5bbca1c8c3ecd257e` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:30:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3414934024" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApS%2F0OS1M5RE4J8UWOeaCdzQFPYykpfkD1NDSGqqPzzFoQWEAv1aWpcW2YuaHo8RoytOIeVaCjl%2FmlPW%2BguOhFynHg7PRkBxaDpC3V9w5lsiysztlQG5qwJ%2BWP%2FFVqmVlvo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aadae75ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 478039
GET H3	200	1.jpg hsmcareers.info/images/	53 KB 53 KB	198ms 197ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/1.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:19:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3440217940" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKnX8uNEJ%2Bob0tDuUpCdNWMnAc2MJaO4BLN1bAUwPRKqhd2kVX0TguSNMrIqOd8RxG6yGfhV5o7FOHVXUcisDOZYx%2BL9yu0%2Bj6DJrtIcpWiFQbcgVsjAPQCoi3nqQjzwMUo%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae7aba8f-MXP alt-svc h3=":443"; ma=86400 content-length 53891
GET H3	200	2.jpg hsmcareers.info/images/	38 KB 39 KB	200ms 199ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/2.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4238671700" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsHEXoeZG7MaXmbjVN5kwuMbLrM3dWgL5hMmXTZoVzpo0V%2Fwy6Hdkvp9kjouENx0OV817aVk9T%2BiDlIvzPMVV%2BY%2BfDly%2B6DfNhq%2Fhznwwua35YizZUcheeT1ZqPUqL2U43A%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae7eba8f-MXP alt-svc h3=":443"; ma=86400 content-length 39092
GET H3	200	comm_pic_1.jpg hsmcareers.info/images/	72 KB 73 KB	202ms 200ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/comm_pic_1.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6502cf5a2a5769fe9372669a3ad7c7ec7c13b64550c414bd12332c0418888f1f` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:33:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1751002632" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhSRIKAwkqVz0bmTNjWTsC91qaCiDC%2BVyZzaV7GGhQ2DxNzRXySDKdlDiewd4A7JLoTQQbnGT8ABL7SuhYGzE96UJ8RR0gMvg%2B8YLxGZ1pumULDLsca0uZJrjwZFHGVHBaY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae80ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 74030
GET H3	200	3.jpg hsmcareers.info/images/	46 KB 47 KB	206ms 205ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/3.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3754721108" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI7xu%2FvPIKyuomrWB9%2FnefOh8YNDcVOCf2R5KPMLsDQkkRKcCQ4SuVxSDx92OWkcozgc%2FExcTwRZgYT1B26TLkh2pPBuLHejMCik5NaNK8BKiUd5pv%2BBPtenah3Z%2BuzT%2FeU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae81ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 47320
GET H3	200	4.jpg hsmcareers.info/images/	35 KB 35 KB	224ms 223ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/4.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2899365716" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P3m9zrCwYTn2zsF2GGpwqQANnjjvgesPJe3AQAE4TJhPQn%2Fqk%2FnTJBUCJNEG77Jyc4wFax09XVZuss%2FRutZpk6cA7YZqxJR%2BA1%2BbQdx653mB6l5%2Fgk2wubL8Otteq6ipEE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae83ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 35770
GET H3	200	comm_pic_2.jpg hsmcareers.info/images/	79 KB 79 KB	225ms 223ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/comm_pic_2.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `adc69e4dc6ca8be9efc957fd8235cb61a53b678a8e6d852dcdaefaa825190543` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:33:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2138631688" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMeVX5yIY29h%2FlWSJXNNtxGD7I4lJxcHvvtFFalllI0dk2gXl3RmfvnxhiNx59XjYSGS%2B8i75yJJ9Eb2uc5QqhRgcsiBm5mdr4Jdml4uyoobl%2FHGrjZyRxchxBR4DBov9mk%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae85ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 80842
GET H3	200	5.jpg hsmcareers.info/images/	48 KB 49 KB	226ms 225ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/5.jpg Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2590629716" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4JLBP2J4A74YzKjRz44E8rYrHRKlUgVj9u28QD8uDc6px9z1ZDLqBbKkEEn6Gf4N69pX46pOF9oj7nzdwDSn3A6U2GWasq0pJvHlcV8x%2B5z63kVmUrFI14cZXBZMkkQubw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 83777aadae87ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 49519
GET H3	200	f_guarantee.png hsmcareers.info/images/	6 KB 7 KB	227ms 226ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/f_guarantee.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 21 Apr 2022 15:23:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3483794721" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOl0wcLlnmkeKABbF%2F0KgH1ul%2BtxmLS7fS4Q%2BFO%2Bu4IgRNm2EFGPJBNx%2BUPYSabxSlvJ3JFycmuPK%2BY%2BDqlhbnK2%2FqwcijSuQogYmei6ecT%2FHP9ofQIViiqsJw%2F4jwOwJrY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aadae88ba8f-MXP alt-svc h3=":443"; ma=86400 content-length 6352
GET H3	200	f_secure_1.png hsmcareers.info/images/	10 KB 10 KB	228ms 227ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/f_secure_1.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Thu, 21 Apr 2022 15:23:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2635726114" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJmNWVBVd0kzOYiIR9RPi4aaprNTVna0pjFWETUHf3rJmxSVjF1tjmw%2FNhwg9H33sC8GyqofWnJ0JpsOAk3mPLnoXPWyfjSpCbxn%2BxdIK4CNZW2JJwSun2iE2aARmG5g%2BTA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aadae8bba8f-MXP alt-svc h3=":443"; ma=86400 content-length 9862
GET H3	200	logo2.png hsmcareers.info/images/	11 KB 12 KB	228ms 227ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/logo2.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02ffa19f3baadc4092dfcd8b133a653767dd0879a62945464dc23f943a83fd8c` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:06:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "513484562" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUU17uwUSZ37pb5pzGl5sx1iBgAVFNBMxwk6HayXTCXM3D3RrCPquhTxqOhUXLU6KjPG%2BQPM1ArrbyACx108KjR7NHtiPwR7h5%2Bm6UnHZMbbFAy9iGKTsJWWL6PNvFGJlPQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aadae8cba8f-MXP alt-svc h3=":443"; ma=86400 content-length 11510
GET H3	200	script.js Show response hsmcareers.info/js/	8 KB 2 KB	197ms 196ms	Script application/javascript	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hsmcareers.info/js/script.js Requested by Host: hsmcareers.info URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `777d05e0f787d4704c670a85a8d41dbab248821292cb0e384f2afb1e36b2c44f` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 31 Aug 2022 07:03:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1109250559" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg4mnSnwvKGKZMXTi9J6yenP9dtI0EqjfdBYJ7WJFuIhcbHj4PVaCY9ZGB2OzMcb5fpeaXSn%2BT1B1tHFLe4lYyRkIC62deda5zfENIS7ub%2B9Ggn0V1bvUGWb0UakYAR5JoY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 83777aadae77ba8f-MXP alt-svc h3=":443"; ma=86400
GET H3	200	bg.png hsmcareers.info/images/	162 KB 162 KB	228ms 228ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hsmcareers.info/images/bg.png Requested by Host: hsmcareers.info URL: https://hsmcareers.info/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `133bddbbaa4e71d24dd6de60682c957d940113d36733b938d520ca37a488583b` Request headers accept-language it-IT,it;q=0.9 Referer https://hsmcareers.info/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 12:41:17 GMT cf-cache-status DYNAMIC last-modified Tue, 07 Feb 2023 19:01:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "467554853" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH1l5BG%2BEmRFPiw0AcEimZUGghrtRYilXwZlohX0pIeTMLHl8f9FBm0yTK1jhTXg9NeZLAItcZZCiq3eQef6hvTbUYmeCjsITy2T4R5X7Wx28MW3cKWr1d15eXg%2F3SYuUq0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 83777aadae8eba8f-MXP alt-svc h3=":443"; ma=86400 content-length 165467
POST H2	200	visit Show response pushvisit.xyz/api/v1/	1 KB 2 KB	71ms 71ms	Fetch application/json	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushvisit.xyz/api/v1/visit Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Kestrel / Resource Hash `707d60ddb12117373552ff80b3a450c576b78c1b0f383ddaeb6f99f8fc671e8b` Request headers Referer https://hsmcareers.info/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-type application/json Response headers access-control-allow-origin * date Mon, 18 Dec 2023 12:41:17 GMT server Kestrel content-length 1492 content-type application/json; charset=utf-8
OPTIONS H2	200	visit pushvisit.xyz/api/v1/	0 0	271ms 65ms	Preflight	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushvisit.xyz/api/v1/visit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://hsmcareers.info Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * content-length 0 date Mon, 18 Dec 2023 12:41:18 GMT
POST H3	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	88ms 88ms	Fetch	104.21.67.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://hsmcareers.info/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-type application/json Response headers date Mon, 18 Dec 2023 12:41:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VFLtian5XDQ5MnFD%2FI7Fdl3spsO0aBJ0ksKOR3QiAZXvtsGlBeFcl7UczF0Rv2cTZObl86mXvb2iESUXnjNmHMHKL09tpcYJOXFf6EN116vDYX2CwLC%2FM5GrAJVc7xJE7yCVgSRgdcs3w%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 83777ab43f2c0c44-MRS alt-svc h3=":443"; ma=86400 content-length 0
OPTIONS H3	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	248ms 201ms	Preflight	104.21.67.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://hsmcareers.info Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83777ab2ecc30c44-MRS content-length 0 date Mon, 18 Dec 2023 12:41:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8qTNdjj3oStRHw%2FWBoXTp7V%2Bd27IKOzEmw7NXpYOaSJnv1ZNU2QiKI401yZ0gby2y%2FhzGJzhtbQLTwpBnnXkwSOytqo%2FDE%2BIjJuqU5LfQpQBJHpK%2Fe2%2B5alVyYv%2BiYG4ELICLMSexXFvw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkingroutes5.com/	1969-12-31 23:59:59	Name: sfd Value: V7JcQ28ZYSG20omSiWvkV+LkgaQX55U4pVS3AWnHPLn2aBCje3PiiA==
.linkingroutes5.com/	1970-01-21 02:37:43	Name: ti Value: T8pbuSua6JJ3IFqEiR35LOLkgaQX55U4pVS3AWnHPLn2aBCje3PiiA==
.linkingroutes5.com/	1970-01-20 17:44:55	Name: c18718 Value: V7JcQ28ZYSG7eRgU/XSBfwgNFzKoO9a+OZsrrZv5iPNANDGXlX2GeQ==
hsmcareers.info/	1969-12-31 23:59:59	Name: SESSIONIDS Value: DYuZkSCWgk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://hsmcareers.info/?encoded_value=B1Z33J&sub1=&sub2=344255062&sub3=&sub4=&sub5=9367&source_id=3585 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hsmcareers.info
klickme.gleeze.com
linkingroutes5.com
pushvisit.xyz
twice-best.com
use.fontawesome.com
virtualpushplatform.com
www.visitorinformations.com
104.21.67.146
172.64.141.13
172.86.96.155
188.114.97.9
20.50.64.3
35.189.245.169
35.205.251.103
37.221.212.82
02ffa19f3baadc4092dfcd8b133a653767dd0879a62945464dc23f943a83fd8c
0bd0d5e70f48939d0f06dc174eabc2f89f8215cf23f22df0cecdfa4e3f648064
0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce
0dda363b63a3ccd26b84c081a5212deab00504cabe723f805c43a9b63a0fed40
126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a
133bddbbaa4e71d24dd6de60682c957d940113d36733b938d520ca37a488583b
2a7c8cd7e91584a085baf5356fd9ab39bc3c671870e3786cbe33c3db256b5604
340e7d47c7b0ee18747f67299993fb1a904f06f1513bd45de035a55043181230
34dec14054d91cc30a846052731bae860fb13fa5cbe2b62dc955930ed81ebb6c
369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee
3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a
5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754
6502cf5a2a5769fe9372669a3ad7c7ec7c13b64550c414bd12332c0418888f1f
6a9251f89a6881f12818f5828abe92a1394276147b5154deda045ad0896c48d3
707d60ddb12117373552ff80b3a450c576b78c1b0f383ddaeb6f99f8fc671e8b
777d05e0f787d4704c670a85a8d41dbab248821292cb0e384f2afb1e36b2c44f
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
adc69e4dc6ca8be9efc957fd8235cb61a53b678a8e6d852dcdaefaa825190543
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d0cdba2c922eda972c2f9a96abf69ca9f9ac0a4d9386e8de5b00c71ba4d15449
f4dfc10d7b7789510e5b20b85e582e4fca1a346c87473de5bbca1c8c3ecd257e

hsmcareers.info Open in urlscan Pro 188.114.97.9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

5 IPs

6 Countries

2138 kBTransfer

2986 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hsmcareers.info Open in urlscan Pro
188.114.97.9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

6
Countries

2138 kB
Transfer

2986 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!