backgroundinvestigation.as.me Open in urlscan Pro
50.112.141.79  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request TI Show response backgroundinvestigation.as.me/	24 KB 9 KB	631ms 229ms	Document text/html	50.112.141.79 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://backgroundinvestigation.as.me/TI Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.112.141.79 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-50-112-141-79.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 9307a0901a4ba46be022daf6f7a316969ca1ef9edb256d4ad2c02751e4052adc Security Headers Name Value Strict-Transport-Security max-age=63072000; preload Request headers :method GET :authority backgroundinvestigation.as.me :scheme https :path /TI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Fri, 12 Oct 2018 23:38:50 GMT content-type text/html; charset=UTF-8 set-cookie AWSALB=EWqONhg/EFwJd0Eco9qNWd+9JeYIB773BfxsiA95RUap14R42o08Aj6T2I01XvCGZ4BBIX7ZtYQ9JDjnr73hrqqNz3XMEjKbo7jWnhmKCEgMO75xvK1echsRDgc5; Expires=Fri, 19 Oct 2018 23:38:50 GMT; Path=/ PHPSESSID=tg9kgbls910nc45riqum3r5rr3; expires=Wed, 11-Oct-2023 23:38:50 GMT; Max-Age=157680000; path=/; secure; HttpOnly PHPSESSID=h4a3ubppv6nseamsoum3nvvi26; expires=Wed, 11-Oct-2023 23:38:50 GMT; Max-Age=157680000; path=/; secure; HttpOnly server nginx expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache p3p CP="CAO PSA OUR" vary Accept-Encoding,User-Agent content-encoding gzip strict-transport-security max-age=63072000; preload x-acuity-hostname eb567c5b0be5
GET H/1.1	200 OK	schedule.css d3gxy7nm8y4yjr.cloudfront.net/responsive/css/weekly/	130 KB 34 KB	47ms 7ms	Stylesheet text/css	52.85.182.158 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d3gxy7nm8y4yjr.cloudfront.net/responsive/css/weekly/schedule.css?v=349ccf Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.182.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-182-158.fra50.r.cloudfront.net Software nginx / Resource Hash 86ae71b2cf2c140ed2999b5ccf5332b4fb6ae990dc4b0697041c82fc6ab8385b Security Headers Name Value Strict-Transport-Security max-age=63072000; preload Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 12 Oct 2018 20:18:48 GMT Content-Encoding gzip Vary Accept-Encoding Age 12002 X-Cache Hit from cloudfront Connection keep-alive Content-Length 34596 Last-Modified Fri, 12 Oct 2018 20:14:18 GMT Server nginx ETag "31a6-207ca-5780dbb6dda80" Strict-Transport-Security max-age=63072000; preload Content-Type text/css Via 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront) X-Acuity-Hostname fcfcead7090e Cache-Control max-age=2592000 Accept-Ranges bytes X-Amz-Cf-Id bi45efBiMfSrlbBXMWqGa4-m-iM9gOX0VtL91un5RJj2Vh_qsds7rA== Expires Sun, 11 Nov 2018 20:18:48 GMT
GET H/1.1	200 OK	domtext.js Show response d3jr8soghewg74.cloudfront.net/	112 KB 40 KB	51ms 6ms	Script application/javascript	52.85.182.62 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d3jr8soghewg74.cloudfront.net/domtext.js?11 Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.182.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-182-62.fra50.r.cloudfront.net Software / Resource Hash 1bdea142b4cc68b0d71ab7fc15eaad707062a52b49b791d7451a53ba8c25151e Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 20 Aug 2018 18:00:34 GMT Content-Encoding gzip Age 20155 ETag "bf47c2c0a8371603724a0142c304bc905696f69d" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront) Cache-Control public, max-age=0, no-cache="set-cookie" Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id Vr7eI0bVroMBR9MhfZyORBIax76ehVTo2_EgZyeolHviCkdiYHD0YQ==
GET H/1.1	200 OK	EjARwJPiB9DomCrm4.json Show response d3jr8soghewg74.cloudfront.net/v1/transform/	42 B 514 B	57ms 12ms	Script text/x-json	52.85.182.62 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d3jr8soghewg74.cloudfront.net/v1/transform/EjARwJPiB9DomCrm4.json?callback=TransformPage.translateFromObject Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.182.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-182-62.fra50.r.cloudfront.net Software / Resource Hash 86fb9809daa2ad10b83c3eb5177cb9d842d1b82a5b1ea5b447879916f99c12ad Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 12 Oct 2018 18:41:53 GMT Content-Encoding gzip Age 17817 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/x-json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=604800 Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id PJu5_67VYiwSf2IWt3rKiQdNrs1oAvMDm13O7xmi6VlERFm9u2Pr7A== Via 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
GET S	200	logo15413896.png acuitys-a299.kxcdn.com/	14 KB 14 KB	428ms 372ms	Image image/png	185.172.148.128 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://acuitys-a299.kxcdn.com/logo15413896.png?1529345418&hasAlpha=1&rectangular=1 Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.172.148.128 , Germany, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash 4c6bff533a77d95a80aac86c0d8d436356370c9014c17832d7041d50492e6e27 Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 12 Oct 2018 23:38:50 GMT x-amz-request-id 38B091531007E139 x-edge-location defr x-cache MISS status 200 content-length 14172 x-amz-id-2 RO2WdeOn2Tc9mCA4n0FXxRwjziP/aoMIwxSkswELsZMOsX3A4ounLddXjLyaGMg5E+5N0YKDJfU= x-shield active last-modified Mon, 18 Jun 2018 18:10:12 GMT server keycdn-engine etag "6a325a8d17a2e8f4a954739228f9d8b1" content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://acuitys.s3.amazonaws.com/logo15413896.png?1529345418&hasAlpha=1&rectangular=1>; rel="canonical" expires Fri, 19 Oct 2018 23:38:50 GMT
GET H/1.1	200 OK	schedule.all.js Show response d3gxy7nm8y4yjr.cloudfront.net/responsive/	582 KB 165 KB	6ms 6ms	Script text/javascript	52.85.182.158 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.182.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-182-158.fra50.r.cloudfront.net Software nginx / Resource Hash 7266423b007a1ccb38ab7c75faca38626b01982e34cbfc564130a3e0fe4806f3 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 12 Oct 2018 20:18:48 GMT Content-Encoding gzip Vary Accept-Encoding Age 12002 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 12 Oct 2018 20:14:32 GMT Server nginx ETag "854fd-91635-5780dbc437a00" Strict-Transport-Security max-age=63072000; preload Content-Type text/javascript Via 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront) X-Acuity-Hostname fcfcead7090e Cache-Control max-age=2592000 Accept-Ranges bytes X-Amz-Cf-Id yJyRiJUdz9KDffebDIqfPdD_VpZLkgyifwHfIH8kkPVgm-xpDZscIw== Expires Sun, 11 Nov 2018 20:18:48 GMT
GET S	200	css fonts.googleapis.com/	5 KB 1005 B	37ms 16ms	Stylesheet text/css	2a00:1450:4001:814::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 73ed4957753f475d502c2ee4e56fc072150f9b323be22652c868ef7cb82a926c Security Headers Name Value Strict-Transport-Security max-age=604800 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip last-modified Fri, 12 Oct 2018 23:38:50 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Fri, 12 Oct 2018 23:38:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" x-xss-protection 1; mode=block expires Fri, 12 Oct 2018 23:38:50 GMT
GET S	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v11/	13 KB 13 KB	41ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Origin https://backgroundinvestigation.as.me Response headers date Tue, 02 Oct 2018 10:29:25 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 18:25:48 GMT server sffe age 911365 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 12960 x-xss-protection 1; mode=block expires Wed, 02 Oct 2019 10:29:25 GMT
GET S	200	platform.Extensions.js Show response connect.facebook.net/en_US/	145 KB 42 KB	43ms 9ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/platform.Extensions.js Requested by Host: d3gxy7nm8y4yjr.cloudfront.net URL: https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 73c4c5a9fde3afe29ad2018a7b35f8655ddcf9f695d867a7bba48e8484ec77f8 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 Ukd+Ue/sDPYBPXl7Ntpk4w== status 200 content-length 42199 x-xss-protection 0 x-fb-debug 3UHf3Rfw9I4OVSIvR0bCBONT7GuP6MO+eB3kLIIVJcYdA83x9C7157I21tifEIywIybVIJArjo9jc/s/IXh6Wg== x-fb-content-md5 ee7cb7928286bf7255c2bdf62d3da076 x-frame-options DENY date Fri, 12 Oct 2018 23:38:50 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 access-control-allow-credentials true etag "8176e5b6edbaca126e5b680c9f5292c6" content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; timing-allow-origin * expires Fri, 12 Oct 2018 23:45:05 GMT
POST H2	200	schedule.php Show response backgroundinvestigation.as.me/	5 KB 1 KB	397ms 396ms	XHR text/html	50.112.141.79 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://backgroundinvestigation.as.me/schedule.php?action=showCalendar&fulldate=1&owner=15413896&template=weekly Requested by Host: d3gxy7nm8y4yjr.cloudfront.net URL: https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.112.141.79 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-50-112-141-79.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 6b47b4debba70814507152052f58ba4a218c05a98ff958c321c3692543f001af Security Headers Name Value Strict-Transport-Security max-age=63072000; preload Request headers :path /schedule.php?action=showCalendar&fulldate=1&owner=15413896&template=weekly pragma no-cache cookie AWSALB=EWqONhg/EFwJd0Eco9qNWd+9JeYIB773BfxsiA95RUap14R42o08Aj6T2I01XvCGZ4BBIX7ZtYQ9JDjnr73hrqqNz3XMEjKbo7jWnhmKCEgMO75xvK1echsRDgc5; PHPSESSID=h4a3ubppv6nseamsoum3nvvi26; TrackJS=d3448b80-cd72-4c4d-af16-81453820f7c0 origin https://backgroundinvestigation.as.me accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept */* cache-control no-cache :authority backgroundinvestigation.as.me x-requested-with XMLHttpRequest :scheme https referer https://backgroundinvestigation.as.me/TI content-length 117 :method POST Accept */* Referer https://backgroundinvestigation.as.me/TI Origin https://backgroundinvestigation.as.me X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Fri, 12 Oct 2018 23:38:51 GMT content-encoding gzip server nginx vary Accept-Encoding,User-Agent p3p CP="CAO PSA OUR" status 200 set-cookie AWSALB=wx+k3f67tapNgZPAl1pbl7NTa0jx8/m+0aUlZBgHyrJCZM5Sixlj1LWnfYYbCsDwde6vIqZvGPpUGfRKXpedlS+wJ07EnqvAfA9OpNTL3+NjC6aiKsK8VstE8GPa; Expires=Fri, 19 Oct 2018 23:38:50 GMT; Path=/ x-acuity-hostname eb567c5b0be5 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 strict-transport-security max-age=63072000; preload content-type text/html; charset=UTF-8 content-length 794 expires Thu, 19 Nov 1981 08:52:00 GMT
GET S	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 fonts.gstatic.com/s/sourcesanspro/v11/	13 KB 13 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 Requested by Host: d3gxy7nm8y4yjr.cloudfront.net URL: https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Origin https://backgroundinvestigation.as.me Response headers date Tue, 02 Oct 2018 10:29:25 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 18:25:50 GMT server sffe age 911365 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 12916 x-xss-protection 1; mode=block expires Wed, 02 Oct 2019 10:29:25 GMT
GET H/1.1	200 OK	usage.gif usage.trackjs.com/	43 B 229 B	349ms 84ms	Image image/gif	162.243.1.175 DigitalOcean
General Check archive.org Show headers Download Go to Show image Full URL https://usage.trackjs.com/usage.gif?token=fbe49d5762cf4560847a05563bd04720&correlationId=d3448b80-cd72-4c4d-af16-81453820f7c0&application=client&x=04ec31b1-efc3-4eac-86d8-137a4cf882dc& Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.243.1.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS usage.trackjs.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 12 Oct 2018 23:38:51 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET S	200	nr-1099.min.js Show response js-agent.newrelic.com/	23 KB 9 KB	46ms 6ms	Script application/javascript	151.101.2.110 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1099.min.js Requested by Host: backgroundinvestigation.as.me URL: https://backgroundinvestigation.as.me/TI Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794 Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 12 Oct 2018 23:38:51 GMT content-encoding gzip x-amz-request-id 0F91A44CB8BB51BA x-cache HIT status 200 content-length 9139 x-amz-id-2 1kVBDajyPe9yNfvcIt7CQoQq0Tgjcvk5nnkBUcfzhmZSMr1SxtHUg5CkTFq+7J8h180I4bkn1Zg= x-served-by cache-fra19136-FRA last-modified Tue, 02 Oct 2018 02:58:53 GMT server AmazonS3 x-timer S1539387531.121700,VS0,VE0 etag "eed931ffe2a555a310715cf8678d32f5" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 12639
GET H/1.1	200 OK	fontawesome-webfont.woff2 d3gxy7nm8y4yjr.cloudfront.net/responsive/fonts/	55 KB 56 KB	34ms 7ms	Font application/font-woff2	52.85.182.174 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d3gxy7nm8y4yjr.cloudfront.net/responsive/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: d3gxy7nm8y4yjr.cloudfront.net URL: https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.182.174 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-182-174.fra50.r.cloudfront.net Software nginx / Resource Hash aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c Security Headers Name Value Strict-Transport-Security max-age=63072000; preload Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://d3gxy7nm8y4yjr.cloudfront.net/responsive/css/weekly/schedule.css?v=349ccf Origin https://backgroundinvestigation.as.me Response headers Date Wed, 19 Sep 2018 00:06:26 GMT Content-Encoding gzip Vary Accept-Encoding Age 2071945 X-Cache Hit from cloudfront Connection keep-alive Content-Length 56777 Access-Control-Allow-Origin * Last-Modified Tue, 19 Jun 2018 21:17:42 GMT Server nginx ETag "65e70-ddcc-56f05366a2980" Strict-Transport-Security max-age=63072000; preload Content-Type application/font-woff2 Via 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront) X-Acuity-Hostname 819cb0ac6bd2 Cache-Control max-age=31536000 Accept-Ranges bytes X-Amz-Cf-Id s0cJQpAgkrshZN1DoezH7qz2_G8dTtSPQnp2hUrJz53ofblzH6hChQ== Expires Thu, 19 Sep 2019 00:06:26 GMT
GET H/1.1	200 OK	e7043daa18 Show response bam.nr-data.net/1/	57 B 261 B	438ms 108ms	Script text/javascript	162.247.242.18 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/e7043daa18?a=94234327&v=1099.d27c17c&to=ZlQBZxYHXBACUhcMXl8eNkENSVELBlIINlleQxdaARUcEwtB&rst=1251&ref=https://backgroundinvestigation.as.me/TI&ap=51&be=651&fe=1200&dc=861&perf=%7B%22timing%22:%7B%22of%22:1539387529880,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:23,%22c%22:23,%22s%22:209,%22ce%22:401,%22rq%22:401,%22rp%22:630,%22rpe%22:768,%22dl%22:646,%22di%22:860,%22ds%22:860,%22de%22:866,%22dc%22:1199,%22l%22:1199,%22le%22:1200%7D,%22navigation%22:%7B%7D%7D&at=ShMWEV4dT09BUEFfSkxM&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1099.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-6.nr-data.net Software / Resource Hash 33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d Request headers Referer https://backgroundinvestigation.as.me/TI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 57 Content-Type text/javascript;charset=ISO-8859-1

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require function| TextExtractor function| TranslateUI function| $ function| jQuery function| onDomChange object| jQuery1102044819217723661664 object| TransformPage object| _trackJs boolean| ACUITY_LOG_EMBED number| requireTZ number| autodetect_timezone number| isFree string| SID string| ownerTz string| hasAddons string| locationUrl object| typeToCalendars boolean| hideAnyAvailable string| LOCALE object| LOCALE_SETTINGS string| TEMPLATE_NAME object| Acuity boolean| _ixTrackInitialized string| _ixPixelId function| trackIXConversion function| trackIX function| debounce function| async function| isEmailValid function| normalizeEmail function| isWeeklyView function| isClassView function| isOldIE function| adjustLogoPosition object| Select object| StepsHelpers function| stepsVisibleStepper function| stepsHiddenStepper object| locales function| getCurrentLocale function| getLocaleDateFormat object| FriendlyDates function| formatTimeForHuman function| newUTCDate function| dateObjectFromString function| formatDateForHuman function| formatForTimeElement object| trackJs object| jQuery19107180499231493029 undefined| extAsyncInit object| AcuityStorage function| $F object| jstz object| Popup object| Steps object| Timezone object| intlTelInputUtils object| Collapse object| Modernizr function| yepnope function| showCalendar object| calendarID object| $current boolean| hasAttachedCalendarScroll function| placesAutocompleteDataset object| __algolia function| algoliasearch function| autocomplete boolean| ignoreDomChange object| FBExtensions

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			backgroundinvestigation.as.me/	1978-01-11 21:31:40	Name: TrackJS Value: d3448b80-cd72-4c4d-af16-81453820f7c0
			backgroundinvestigation.as.me/	1970-01-20 15:24:27	Name: PHPSESSID Value: h4a3ubppv6nseamsoum3nvvi26
			backgroundinvestigation.as.me/	1970-01-18 19:46:32	Name: AWSALB Value: EWqONhg/EFwJd0Eco9qNWd+9JeYIB773BfxsiA95RUap14R42o08Aj6T2I01XvCGZ4BBIX7ZtYQ9JDjnr73hrqqNz3XMEjKbo7jWnhmKCEgMO75xvK1echsRDgc5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d3gxy7nm8y4yjr.cloudfront.net/responsive/schedule.all.js?v=349ccf(Line 1) Message: %cAcuity Scheduling, Inc.%c Welcome developer! You can find out more about customizing the client scheduler at %chttps://developers.acuityscheduling.com%c or by contacting developers@acuityscheduling.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acuitys-a299.kxcdn.com
backgroundinvestigation.as.me
bam.nr-data.net
connect.facebook.net
d3gxy7nm8y4yjr.cloudfront.net
d3jr8soghewg74.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
usage.trackjs.com
151.101.2.110
162.243.1.175
162.247.242.18
185.172.148.128
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a03:2880:f02d:12:face:b00c:0:3
50.112.141.79
52.85.182.158
52.85.182.174
52.85.182.62
1bdea142b4cc68b0d71ab7fc15eaad707062a52b49b791d7451a53ba8c25151e
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
4c6bff533a77d95a80aac86c0d8d436356370c9014c17832d7041d50492e6e27
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
6b47b4debba70814507152052f58ba4a218c05a98ff958c321c3692543f001af
7266423b007a1ccb38ab7c75faca38626b01982e34cbfc564130a3e0fe4806f3
73c4c5a9fde3afe29ad2018a7b35f8655ddcf9f695d867a7bba48e8484ec77f8
73ed4957753f475d502c2ee4e56fc072150f9b323be22652c868ef7cb82a926c
86ae71b2cf2c140ed2999b5ccf5332b4fb6ae990dc4b0697041c82fc6ab8385b
86fb9809daa2ad10b83c3eb5177cb9d842d1b82a5b1ea5b447879916f99c12ad
9307a0901a4ba46be022daf6f7a316969ca1ef9edb256d4ad2c02751e4052adc
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda