qantas-group.com Open in urlscan Pro
202.74.70.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hr-dept.io/461b9544449079aa?l=12
Effective URL:
https://qantas-group.com/JIYFU/QA/qg.html
Submission: On December 04 via manual (December 4th 2024, 1:01:26 am UTC) from PH — Scanned from AU

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 63 HTTP transactions. The main IP is 202.74.70.115, located in Australia and belongs to ISEEK-AS-AP iseek Communications Pty Ltd, AU. The main domain is qantas-group.com.
TLS certificate: Issued by R10 on November 7th 2024. Valid for: 3 months.

This is the only time qantas-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	52.63.112.4 52.63.112.4	16509 (AMAZON-02) (AMAZON-02)
8	3.5.10.11 3.5.10.11	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:1415:11:... 2600:1415:11::1720:5bf	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
6	202.74.70.115 202.74.70.115	9723 (ISEEK-AS-...) (ISEEK-AS-AP iseek Communications Pty Ltd)
2	2404:6800:400... 2404:6800:4004:813::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
63	7

41 52.63.112.4 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

hr-dept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.5.10.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1415:11::1720:5bf (Sydney, Australia) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 202.74.70.115 (Australia)

ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU)
PTR: host40.conetix.com.au

qantas-group.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	hr-dept.io hr-dept.io	58 KB
8	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 148129	157 KB
6	qantas-group.com qantas-group.com	137 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	189 KB
2	java.com 1 redirects java.com — Cisco Umbrella Rank: 38199 www.java.com — Cisco Umbrella Rank: 69972	7 KB
0	edgefonts.net Failed use.edgefonts.net Failed
63	7

	Domain	Requested by
41	hr-dept.io	hr-dept.io
8	tslp.s3.amazonaws.com	hr-dept.io
6	qantas-group.com	hr-dept.io qantas-group.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	qantas-group.com www.googletagmanager.com
1	www.java.com	hr-dept.io
1	java.com	1 redirects
0	use.edgefonts.net Failed	qantas-group.com
63	8

This site contains no links.

Subject Issuer	Validity	Valid
gift-club.site Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
qantas-group.com R10	`2024-11-07` - `2025-02-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qantas-group.com/JIYFU/QA/qg.html
Frame ID: A8485006FEBA72DFAA6DF090A18AB0F8
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing Simulation

Page URL History Show full URLs

https://hr-dept.io/461b9544449079aa?l=12 Page URL
https://qantas-group.com/JIYFU/QA/qg.html Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

569 kB
Transfer

1044 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hr-dept.io/461b9544449079aa?l=12 Page URL
https://qantas-group.com/JIYFU/QA/qg.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 461b9544449079aa Show response
hr-dept.io/ 4 KB
1 KB 33ms
21ms Document
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

6d4f79ae976b0b70a8589e794e5a2606cbb78d3d81e4353dfbc8cbae2ab42a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Dec 2024 01:01:20 GMT
etag: W/"6d4f79ae976b0b70a8589e794e5a2606"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6 ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
x-permitted-cross-domain-policies: none
x-request-id: b7218dfa-8b67-4296-a496-392e35772367
x-runtime: 0.015619
x-xss-protection: 1; mode=block

GET alt_pixel_click_1b95449079.gif
hr-dept.io/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 864ms
303ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
x-amz-request-id: DFKGHB00PH6YVM6H
Accept-Ranges: bytes
Content-Length: 50085
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: 8j/l5xTMsvkUOjpM0whJZQp2SXFL24cW2DPgrejlmEvXHu8MOcwYh7VOhQk5XVFZQ+v1wE57/1/pSU/HvXFGfg==

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 861ms
300ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
x-amz-request-id: DFKVBPA1F20SY4BX
Accept-Ranges: bytes
Content-Length: 50717
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: HlL2UeigR6ANuCg6mRx+K74V+yntqdqhGXa1Ax5DDO3CdxNpHCa/C8iVLXX1xywxE3GlZz+TUIHjjMFN6qcVzA==

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

37ms
21ms

Script
application/javascript

2600:1415:11::1720:5bf
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Server

2600:1415:11::1720:5bf Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400;includeSubDomains;preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

content-encoding: gzip
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
x-content-type-options: nosniff, nosniff
expires: Thu, 05 Dec 2024 01:01:21 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1733274081140_387974587_122216509_90_14564_3_0_182";dur=1
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
vary: Accept-Encoding
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
strict-transport-security: max-age=86400;includeSubDomains;preload
cache-control: public, max-age=86400
x-oracle-dms-ecid: 001a9d60-98be-4256-836d-8aa582d79f43-0080f791
accept-ranges: bytes
content-length: 5512
akamai-grn: 0.bb052017.1733274081.748e03d
x-xss-protection: 1
x-oracle-dms-rid: 0

Redirect headers

cache-control: max-age=86400
location: https://www.java.com/js/deployJava.js
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 01:01:21 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1733274081069_387974587_122216483_24_14896_1_32_182";dur=1
content-length: 0
date: Wed, 04 Dec 2024 01:01:21 GMT
akamai-grn: 0.bb052017.1733274081.748e023
x-xss-protection: 1
server: AkamaiGHost

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 853ms
298ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
x-amz-request-id: DFKYJ7EW1J66ECJB
Accept-Ranges: bytes
Content-Length: 6680
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: xy4ubYgw20WfPuqWH+rIl0yZC5uDZ1xS288TTjbeIgDeZGwNfjJh4Tca65g0W7L3H3PvFpQXCVybn7VWBOsfKg==

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 860ms
302ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
x-amz-request-id: DFKKR527DDT64VDF
Accept-Ranges: bytes
Content-Length: 22855
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: 4VtoVi9AKle3Zw8XMuFe79ZNGADOPaWHdxL3kyP4TiEIAhrwznRCPXzPOlR77mHBTYsvTFvi6GMbkOVSb7N4lA==

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 862ms
301ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
x-amz-request-id: DFKG7TFRTE35NZF2
Accept-Ranges: bytes
Content-Length: 6999
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: 6yzQ1WzTRxDDxTBbXd53MP/VRwaN5hEZFfWvlXA1l94x23dqCUvd6RezLEzZyN4wcUo+2dxHgcJiLPWb2GbD8Q==

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 872ms
311ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
x-amz-request-id: DFKNC970M6ZJ28NK
Accept-Ranges: bytes
Content-Length: 9775
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: LpMIlF+i+s0OO7WuxZe0pdtyzIJKxDhH1xP3QAudX5PxfAjlFmil8fbQZ/iUOqdpsZAQZmJENaKSmvcyXcNA4A==

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 294ms
293ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
x-amz-request-id: DFKHCHHMW7JMF5MW
Accept-Ranges: bytes
Content-Length: 4234
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: ozfyC7ic+lJNHkHfU4hz/ojgvaO/gGYstlyN6wa0x92IJyWEJASUtqrAGzpsKUlBBYir76j2aGJIAGZi8MPd5w==

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 299ms
299ms Script
text/javascript 3.5.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=1b95449079&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/

Response headers

ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
x-amz-request-id: DFKY0VFWHMAG8MQF
Accept-Ranges: bytes
Content-Length: 5941
Date: Wed, 04 Dec 2024 01:01:22 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-id-2: mPIOmnFdw18/WFTwWF+O0TIbFOrMSC3D/bZtFVTAJdEJ4Js15IRL3Vw7wZfrd6xlC0uDxJMq4hkNHszd9LtTuw==

GET
H2 200 jquery.min.js Show response
hr-dept.io/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 10ms
9ms Script
application/javascript 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-dept.io/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Wed, 04 Dec 2024 01:01:20 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 13:21:20 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server

GET
H2 200 all.js Show response
hr-dept.io/assets/ 28 KB
7 KB 4ms
3ms Script
application/javascript 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-dept.io/assets/all.js?g=1b95449079
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7191
date: Wed, 04 Dec 2024 01:01:20 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 13:21:21 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server

POST
H2 200 browser_post Show response
hr-dept.io/secure/ 0
487 B 15ms
13ms XHR
image/gif 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hr-dept.io/secure/browser_post

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/assets/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hr-dept.io/461b9544449079aa?l=12
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-request-id: b7917c80-242a-4c45-947e-bf28db59d826
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: image/gif; charset=utf-8
vary: Accept-Encoding, Accept
x-runtime: 0.008474
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 8ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 44875656-fd71-4e92-a5e9-c110aba752af
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002031
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 9ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 462d1b39-f43f-48e1-b17c-71e331736a03
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001827
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: d47ad6cb-daeb-4265-b39f-ad10908729df
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001838
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: d2e249eb-3e78-4b84-9b64-3dcbe439a364
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001593
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20browser_version%20%3D%20131&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 06b9aa81-64fa-4976-9a2c-d4b15aca8500
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001702
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 8f5a72e3-ce13-48a7-adac-db82524c60fb
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001910
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 3a9b91ff-c58a-4d9f-b9ff-3a4362efe59e
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002019
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20language%20%3D%20en-AU&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 280c007f-2585-4b7d-9da0-901ba679ae43
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001926
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 65d5cf87-25e0-4274-8731-481c673b076d
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001464
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: e42beeba-34cd-4e69-8415-e517a47d8b21
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001898
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 5ms
5ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 78868df9-1f27-421f-ae02-1b53573dc407
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001627
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: b70e9742-05f5-4a37-b852-74157b0f3e47
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001725
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
5ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: ff81ef7c-01e4-44dd-b465-2203a072ab23
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001856
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 668f79a7-84fd-4c33-a24c-d5426ec219c5
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001594
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: ca8c7553-4625-4c9d-93ba-0a958af140c2
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001704
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 5ms
5ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 0c5920a4-4a98-4386-9ca0-0f29d966d8e2
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001916
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 9ae00bdb-743f-4a53-bd30-011a5e2ae79d
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001873
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: ce587e86-c31b-47c7-a486-ebd81a70f453
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001967
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 5ms
5ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=java_version_pl%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 19224868-cc61-4bb7-bb76-b819d9fb16ce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001845
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 02280928-20bd-488e-ab7d-a78f5d45f742
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001685
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 6ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=java_version_jres%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: f9624fbc-2644-426e-902e-0144f0826889
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001901
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 8ms
8ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=java_version%20%3D%20undefined&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 3ae56a47-3138-4b16-af7d-107b6792c784
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001815
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20flash%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: e2ba99cb-3a44-4a86-99f2-8b4f94f45319
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001796
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 7ms
5ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=flash%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 02ffca95-32fe-4e01-8802-8cb1dd357e3d
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001754
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 8ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20pdf%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: cd345a97-c0a4-47f8-8bf9-4e4ac82d3985
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002231
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 9ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 8382943d-149c-4044-b3a0-9aaccac2dcbe
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002319
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 12ms
10ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=pdf%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 7f528d62-b237-42f0-8cd8-c83ab1523695
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002220
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 8ms
6ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20quicktime%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 039cecec-6deb-4240-a4e3-6ab6a8f09867
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001630
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 11ms
9ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=quicktime%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: c8e4640d-d32b-412e-a8f9-7adf12bb38dd
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001376
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
465 B 9ms
7ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20RealPlayer%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 5bc62ba9-ac5d-419e-81c0-6f49a02ab2ed
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002298
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 11ms
9ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=realplayer%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 93ac6cfb-56d8-4edf-934a-6ebd15a60296
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002626
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 11ms
10ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20Silverlight%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: fe8ba071-d155-47a7-bc1a-0d43eec38497
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002620
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 10ms
9ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=silverlight%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 8cf6e97a-06fc-4b46-9de7-354080e9dd8d
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.002879
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 12ms
11ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: e76fd332-7dfa-4ca2-9e97-87c9fef32595
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0a4c1a4c5d58e58cc, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001778
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
467 B 13ms
11ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=wmp%20%3D%20unknown&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 33b71086-b73f-450d-bd8b-1b32bbbb154a
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-024ea17cb88d0adb6, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001852
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 14ms
12ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=redirecting%20to%20https%3A%2F%2Fqantas-group.com%2FJIYFU%2FQA%2Fqg.html&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: 05f85688-1517-42e7-a1c8-ffe642b8ba7c
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0c66942e838062248, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001735
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 trace
hr-dept.io/ 0
466 B 14ms
12ms Image
text/html 52.63.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr-dept.io/trace?id=1b95449079&msg=browser_post_successful&correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Requested by

Host: hr-dept.io
URL: https://hr-dept.io/461b9544449079aa?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.112.4 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-112-4.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hr-dept.io/461b9544449079aa?l=12

Response headers

x-request-id: da46e12d-b78b-4904-9a86-97592cf5ac3a
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-host-info: lw-prod-ap-i-0088aaf247d5e7098, ; 0da5ba7d895b06faeafb82a0cb17eda7e84d5ead
date: Wed, 04 Dec 2024 01:01:21 GMT
content-type: text/html
vary: Accept-Encoding
x-runtime: 0.001870
x-frame-options: SAMEORIGIN
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: ThreatSim-Web-Server

GET
H2 200 Primary Request qg.html Show response
qantas-group.com/JIYFU/QA/ 5 KB
2 KB 74ms
17ms Document
text/html 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to

Full URL: https://qantas-group.com/JIYFU/QA/qg.html
Requested by: Host: hr-dept.io
URL: https://hr-dept.io/assets/all.js?g=1b95449079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx / PleskLin
Resource Hash: 6b46ddae8a96cf7713cc57439a3160ccdeea1279ac5d17376f71718839eeab46

Request headers

Referer: https://hr-dept.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Wed, 04 Dec 2024 01:01:23 GMT
etag: W/"674e47a6-12c0"
last-modified: Mon, 02 Dec 2024 23:49:58 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 404ms
151ms Script
application/javascript 2404:6800:4004:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130663057-1

Requested by

Host: qantas-group.com
URL: https://qantas-group.com/JIYFU/QA/qg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c267994f8faacfba1c589acdc8f1a1700a1a25296259eb09ccb1d356a16e5e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 04 Dec 2024 01:01:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 00:35:44 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81569
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 singlePageTemplate.css
qantas-group.com/css/ 8 KB
2 KB 17ms
15ms Stylesheet
text/css 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to

Full URL: https://qantas-group.com/css/singlePageTemplate.css
Requested by: Host: qantas-group.com
URL: https://qantas-group.com/JIYFU/QA/qg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx / PleskLin
Resource Hash: 4c75c1fbdd33a001501137a6abe430c98decaaf288d81b19fa5311b3de40b616

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/JIYFU/QA/qg.html

Response headers

content-encoding: br
etag: W/"6746ae91-21df"
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: text/css
x-powered-by: PleskLin
server: nginx
last-modified: Wed, 27 Nov 2024 05:30:57 GMT
vary: Accept-Encoding

GET
H2 200 Top_Banner_QA.png
qantas-group.com/JIYFU/QA/Images/ 34 KB
35 KB 29ms
28ms Image
image/png 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qantas-group.com/JIYFU/QA/Images/Top_Banner_QA.png
Requested by: Host: qantas-group.com
URL: https://qantas-group.com/JIYFU/QA/qg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx / PleskLin
Resource Hash: 52e59b60b84228c2fa9798b1974e22bcfefcf358d7df7e07af482bfcc4e75f1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/JIYFU/QA/qg.html

Response headers

etag: "674e3b6d-8961"
accept-ranges: bytes
content-length: 35169
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: image/png
last-modified: Mon, 02 Dec 2024 22:57:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 QA_Email.png
qantas-group.com/JIYFU/QA/Images/ 95 KB
95 KB 41ms
40ms Image
image/png 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qantas-group.com/JIYFU/QA/Images/QA_Email.png
Requested by: Host: qantas-group.com
URL: https://qantas-group.com/JIYFU/QA/qg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx / PleskLin
Resource Hash: 54beb2cdcf552219b60034eb802c54b2dc6c17f3b750ebc5ea6b92eb21ab5704

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/JIYFU/QA/qg.html

Response headers

etag: "674e4365-17c94"
accept-ranges: bytes
content-length: 97428
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: image/png
last-modified: Mon, 02 Dec 2024 23:31:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 QLogo.png
qantas-group.com/JIYFU/QA/Images/ 2 KB
3 KB 34ms
33ms Image
image/png 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qantas-group.com/JIYFU/QA/Images/QLogo.png
Requested by: Host: qantas-group.com
URL: https://qantas-group.com/JIYFU/QA/qg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx / PleskLin
Resource Hash: 851bd703cd7017e79c4951c1b377e5a381f82627b1c7623fa7b45729d812babf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/JIYFU/QA/qg.html

Response headers

etag: "674e3b6d-9e5"
accept-ranges: bytes
content-length: 2533
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: image/png
last-modified: Mon, 02 Dec 2024 22:57:49 GMT
server: nginx
x-powered-by: PleskLin

GET source-sans-pro:n2:default.js
use.edgefonts.net/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
109 KB 158ms
158ms Script
application/javascript 2404:6800:4004:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FXWQE86JS9&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130663057-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6181e05f60916393f63ccfd5a4e24c039685dddac683e7ece8647e5c734d76a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 04 Dec 2024 01:01:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 01:01:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111613
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 104ms
2ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130663057-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/

Response headers

content-encoding: gzip
age: 6327
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 01:15:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 23:15:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
419 B 101ms
100ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=968871834&t=pageview&_s=1&dl=https%3A%2F%2Fqantas-group.com%2FJIYFU%2FQA%2Fqg.html&dr=https%3A%2F%2Fhr-dept.io%2F&ul=en-au&de=UTF-8&dt=Phishing%20Simulation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1843805825&gjid=501696147&cid=1860835606.1733274084&tid=UA-130663057-1&_gid=440755811.1733274084&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&jsscut=1&z=142936617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://qantas-group.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 01:01:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://qantas-group.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 193ms
193ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FXWQE86JS9&gtm=45je4bk0v9104536927za200&_p=1733274083039&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1860835606.1733274084&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1733274083&sct=1&seg=0&dl=https%3A%2F%2Fqantas-group.com%2FJIYFU%2FQA%2Fqg.html&dr=https%3A%2F%2Fhr-dept.io%2F&dt=Phishing%20Simulation&en=page_view&_fv=1&_ss=1&tfd=1066
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FXWQE86JS9&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://qantas-group.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 01:01:24 GMT
content-type: text/plain
server: Golfe2

GET
H2 404 favicon.ico
qantas-group.com/ 808 B
536 B 15ms
15ms Other
text/html 202.74.70.115
ISEEK-AS-AP iseek...

General

Check archive.org

Show headers Download Go to

Full URL: https://qantas-group.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.74.70.115 , Australia, ASN9723 (ISEEK-AS-AP iseek Communications Pty Ltd, AU),
Reverse DNS: host40.conetix.com.au
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qantas-group.com/JIYFU/QA/qg.html

Response headers

content-encoding: br
etag: W/"328-6006a2f9c5a4e"
referrer-policy: same-origin
date: Wed, 04 Dec 2024 01:01:24 GMT
content-type: text/html
vary: Accept-Encoding
server: nginx
last-modified: Fri, 14 Jul 2023 03:38:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hr-dept.io
URL: https://hr-dept.io:49153/alt_pixel_click_1b95449079.gif?correlation_id=079531f5-9c69-4178-afd8-2cf71458b14d

Domain: use.edgefonts.net
URL: http://use.edgefonts.net/source-sans-pro:n2:default.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hr-dept.io/	1969-12-31 23:59:59	Name: EXFILGUID Value: 1b95449079
hr-dept.io/	1969-12-31 23:59:59	Name: link_clicked_1b95449079 Value: 1
java.com/	1970-01-21 01:27:54	Name: akaalb_OCE_Failover Value: 1733274141~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=32~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=10e62a54616c745aafdecd3ddb53d329
www.java.com/	1970-01-21 01:27:54	Name: akaalb_OCE_Failover Value: 1733274141~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=91~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=4fc3627db8bc0c36281fd1820c568063
.qantas-group.com/	1970-01-21 01:29:20	Name: _gid Value: GA1.2.440755811.1733274084
.qantas-group.com/	1970-01-21 01:27:54	Name: _gat_gtag_UA_130663057_1 Value: 1
.qantas-group.com/	1970-01-21 11:03:54	Name: _ga_FXWQE86JS9 Value: GS1.1.1733274083.1.0.1733274083.0.0.0
.qantas-group.com/	1970-01-21 11:03:54	Name: _ga Value: GA1.1.1860835606.1733274084

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qantas-group.com/JIYFU/QA/qg.html Message: Mixed Content: The page at 'https://qantas-group.com/JIYFU/QA/qg.html' was loaded over HTTPS, but requested an insecure script 'http://use.edgefonts.net/source-sans-pro:n2:default.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://qantas-group.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hr-dept.io
java.com
qantas-group.com
tslp.s3.amazonaws.com
use.edgefonts.net
www.google-analytics.com
www.googletagmanager.com
www.java.com
hr-dept.io
use.edgefonts.net
2001:4860:4802:34::178
202.74.70.115
2404:6800:4004:813::2008
2600:1415:11::1720:5bf
3.5.10.11
52.63.112.4
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
4c75c1fbdd33a001501137a6abe430c98decaaf288d81b19fa5311b3de40b616
52e59b60b84228c2fa9798b1974e22bcfefcf358d7df7e07af482bfcc4e75f1f
54beb2cdcf552219b60034eb802c54b2dc6c17f3b750ebc5ea6b92eb21ab5704
6181e05f60916393f63ccfd5a4e24c039685dddac683e7ece8647e5c734d76a2
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6b46ddae8a96cf7713cc57439a3160ccdeea1279ac5d17376f71718839eeab46
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4f79ae976b0b70a8589e794e5a2606cbb78d3d81e4353dfbc8cbae2ab42a1a
851bd703cd7017e79c4951c1b377e5a381f82627b1c7623fa7b45729d812babf
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c267994f8faacfba1c589acdc8f1a1700a1a25296259eb09ccb1d356a16e5e6f
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

qantas-group.com Open in urlscan Pro 202.74.70.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

50 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

569 kBTransfer

1044 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qantas-group.com Open in urlscan Pro
202.74.70.115 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

569 kB
Transfer

1044 kB
Size

8
Cookies

63 HTTP transactions
0 data transactions