employee.samuelsre.com Open in urlscan Pro
104.219.72.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://employee.samuelsre.com/
Submission: On August 24 via automatic, source certstream-suspicious (August 24th 2024, 2:59:49 am UTC) — Scanned from IT

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 104.219.72.98, located in Chicago, United States and belongs to LAYERSHIFT-NETWORKS, GB. The main domain is employee.samuelsre.com.
TLS certificate: Issued by R11 on August 23rd 2024. Valid for: 3 months.

This is the only time employee.samuelsre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	104.219.72.98 104.219.72.98		211675 (LAYERSHIF...) (LAYERSHIFT-NETWORKS)
10	1

10 104.219.72.98 (Chicago, United States)

ASN211675 (LAYERSHIFT-NETWORKS, GB)
PTR: sam-web01.us.plesk-server.com

employee.samuelsre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	samuelsre.com employee.samuelsre.com	227 KB
10	1

	Domain	Requested by
10	employee.samuelsre.com	employee.samuelsre.com
10	1

This site contains links to these domains. Also see Links.

Domain
www.samuelsre.com
samuelsandassociates.easecentral.com

Subject Issuer	Validity	Valid
samuelsre.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://employee.samuelsre.com/
Frame ID: 2CA6E2EDE8DE0262449283B86420045F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HR Portal

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

227 kB
Transfer

357 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.samuelsre.com/
Title: Back to Samuelsre.com

Search URL Search Domain Scan URL

URL: https://samuelsandassociates.easecentral.com/?CCh5DmKolLIXrWjfVuX7nA==_2517a82cc29415d44309d582250ac8a214728d788298e9e98e3d1d8b30b83380ec
Title: link

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response employee.samuelsre.com/	33 KB 9 KB	646ms 253ms	Document text/html	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PHP/7.2.34 PleskLin Resource Hash `47732fba80dae44cc1eb3b93508ae36b002416d3fe84da1339f7fde78e44a560` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding br content-type text/html; charset=UTF-8 date Sat, 24 Aug 2024 02:59:44 GMT link <https://employee.samuelsre.com/wp-json/>; rel="https://api.w.org/", <https://employee.samuelsre.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://employee.samuelsre.com/>; rel=shortlink server nginx vary Accept-Encoding x-powered-by PHP/7.2.34 PleskLin
GET H2	200	style.min.css employee.samuelsre.com/wp-includes/css/dist/block-library/	87 KB 11 KB	164ms 162ms	Stylesheet text/css	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT content-encoding br last-modified Thu, 30 Jun 2022 17:05:56 GMT server nginx etag W/"62bdd7f4-15b26" x-powered-by PleskLin vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Mon, 23 Sep 2024 02:59:45 GMT
GET H2	200	app.css employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/	20 KB 4 KB	164ms 163ms	Stylesheet text/css	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/app.css?ver=1.017 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `31e39ba394ec3aa821a40c39b6e15cb63963b25499d88efdbfa131d2d958fc9c` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT content-encoding br last-modified Wed, 09 Jan 2019 15:37:03 GMT server nginx etag W/"5c36151f-4e1b" x-powered-by PleskLin vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Mon, 23 Sep 2024 02:59:45 GMT
GET H2	200	modernizr.js Show response employee.samuelsre.com/wp-content/themes/samuelshr/assets/js/	4 KB 2 KB	164ms 162ms	Script application/javascript	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/js/modernizr.js?ver=3.0 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `2c3f707663485b9d06e00d6440fdfecc50720186f4d75bf23d2014c2c39c2c6a` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT content-encoding br last-modified Wed, 09 Jan 2019 11:48:00 GMT server nginx etag W/"5c35df70-fd0" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Mon, 23 Sep 2024 02:59:45 GMT
GET H2	200	pierce_copy-1024x640.jpg employee.samuelsre.com/wp-content/uploads/sites/2/2019/01/	145 KB 146 KB	257ms 256ms	Image image/jpeg	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://employee.samuelsre.com/wp-content/uploads/sites/2/2019/01/pierce_copy-1024x640.jpg Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `26208959abae1e6e9123c2d0f4fd872ab13746995a73edd8a39c6bc758c0029b` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT last-modified Wed, 09 Jan 2019 12:11:21 GMT server nginx etag "5c35e4e9-24588" x-powered-by PleskLin content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 148872 expires Sun, 24 Aug 2025 02:59:45 GMT
GET H2	200	bundle.js Show response employee.samuelsre.com/wp-content/themes/samuelshr/assets/js/	1 KB 698 B	368ms 368ms	Script application/javascript	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/js/bundle.js?ver=1.01 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `ebff3fab0f6a5efd9813192601ecfc1af03eb9ee33d1328cc725d753893ee84e` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT content-encoding br last-modified Wed, 09 Jan 2019 11:47:59 GMT server nginx etag W/"5c35df6f-44f" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Mon, 23 Sep 2024 02:59:45 GMT
GET H2	200	wp-emoji-release.min.js Show response employee.samuelsre.com/wp-includes/js/	18 KB 5 KB	310ms 309ms	Script application/javascript	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT content-encoding br last-modified Thu, 30 Jun 2022 17:05:56 GMT server nginx etag W/"62bdd7f4-48b9" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Mon, 23 Sep 2024 02:59:45 GMT
GET H2	200	1f4274cd-2674-481e-9023-69e33ffca161.woff2 employee.samuelsre.com/wp-content/themes/samuelshr/assets/font/	20 KB 20 KB	301ms 300ms	Font application/font-woff2	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/font/1f4274cd-2674-481e-9023-69e33ffca161.woff2 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/app.css?ver=1.017 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `caabbed7bc062b2789b6a5b5398118ed1856b4269e6aba9cd13f8da57d80777c` Request headers Referer https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/app.css?ver=1.017 Origin https://employee.samuelsre.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT last-modified Wed, 09 Jan 2019 11:47:55 GMT server nginx etag "5c35df6b-50e0" x-powered-by PleskLin content-type application/font-woff2 cache-control max-age=31536000 accept-ranges bytes content-length 20704 expires Sun, 24 Aug 2025 02:59:45 GMT
GET H2	200	08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2 employee.samuelsre.com/wp-content/themes/samuelshr/assets/font/	28 KB 28 KB	300ms 300ms	Font application/font-woff2	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/font/08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2 Requested by Host: employee.samuelsre.com URL: https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/app.css?ver=1.017 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f` Request headers Referer https://employee.samuelsre.com/wp-content/themes/samuelshr/assets/styles/app.css?ver=1.017 Origin https://employee.samuelsre.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT last-modified Wed, 09 Jan 2019 11:47:56 GMT server nginx etag "5c35df6c-70b8" x-powered-by PleskLin content-type application/font-woff2 cache-control max-age=31536000 accept-ranges bytes content-length 28856 expires Sun, 24 Aug 2025 02:59:45 GMT
GET H2	200	favicon-32x32.png employee.samuelsre.com/	841 B 1 KB	141ms 140ms	Other image/png	104.219.72.98 LAYERSHIFT-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://employee.samuelsre.com/favicon-32x32.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.219.72.98 Chicago, United States, ASN211675 (LAYERSHIFT-NETWORKS, GB), Reverse DNS sam-web01.us.plesk-server.com Software nginx / PleskLin Resource Hash `120d4c95540edea13ba19b66fda253fd1397cb039d05aefc2b149219db5a5b75` Request headers Referer https://employee.samuelsre.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 24 Aug 2024 02:59:45 GMT last-modified Wed, 19 Dec 2018 13:51:29 GMT server nginx x-accel-version 0.01 etag "349-57d604f9e3762" x-powered-by PleskLin content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 841 expires Sun, 24 Aug 2025 02:59:45 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| Modernizr object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://employee.samuelsre.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

employee.samuelsre.com
104.219.72.98
120d4c95540edea13ba19b66fda253fd1397cb039d05aefc2b149219db5a5b75
26208959abae1e6e9123c2d0f4fd872ab13746995a73edd8a39c6bc758c0029b
2c3f707663485b9d06e00d6440fdfecc50720186f4d75bf23d2014c2c39c2c6a
31e39ba394ec3aa821a40c39b6e15cb63963b25499d88efdbfa131d2d958fc9c
47732fba80dae44cc1eb3b93508ae36b002416d3fe84da1339f7fde78e44a560
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
caabbed7bc062b2789b6a5b5398118ed1856b4269e6aba9cd13f8da57d80777c
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
ebff3fab0f6a5efd9813192601ecfc1af03eb9ee33d1328cc725d753893ee84e

employee.samuelsre.com Open in urlscan Pro 104.219.72.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

227 kBTransfer

357 kBSize

0 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

employee.samuelsre.com Open in urlscan Pro
104.219.72.98 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

227 kB
Transfer

357 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions