www.hrandpayroll.com Open in urlscan Pro
52.6.19.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://beacon2.sndqar.com/TrackItem.aspx?gen=1&IDCust=&IDCamp=ebaecd48-5b0c-4417-a718-f03d5bfe2747&IDContact=d376964e-84a0...
Effective URL:
https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&...
Submission: On March 16 via manual (March 16th 2021, 2:17:33 pm UTC) from US

Summary HTTP 53 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 53 HTTP transactions. The main IP is 52.6.19.39, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.hrandpayroll.com.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.

This is the only time www.hrandpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.95.161.225 195.95.161.225	49590 (SI-TRENDNET) (SI-TRENDNET)
9	52.6.19.39 52.6.19.39	14618 (AMAZON-AES) (AMAZON-AES)
7	143.204.101.105 143.204.101.105	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
4	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:3200:1c:e067:200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.202.45 143.204.202.45	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	34.213.158.125 34.213.158.125	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.56 143.204.202.56	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
53	16

1 195.95.161.225 (Slovenia) 1 redirects

ASN49590 (SI-TRENDNET, SI)

beacon2.sndqar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.6.19.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-19-39.compute-1.amazonaws.com

www.hrandpayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-105.fra50.r.cloudfront.net

d36ai2hkxl16us.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:3200:1c:e067:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

thought-industries.trackinglibrary.prodperfect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-45.fra53.r.cloudfront.net

f7imwt1lmg.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.158.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-158-125.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-56.fra53.r.cloudfront.net

thought-industries.datapipe.prodperfect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa8.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsa8.tawk.to	120 KB
9	hrandpayroll.com www.hrandpayroll.com	28 KB
7	cloudfront.net d36ai2hkxl16us.cloudfront.net	2 MB
4	gstatic.com fonts.gstatic.com	65 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	stripe.com js.stripe.com m.stripe.com	59 KB
3	jsdelivr.net cdn.jsdelivr.net	54 KB
2	doubleclick.net stats.g.doubleclick.net	156 B
2	amazonaws.com f7imwt1lmg.execute-api.us-east-1.amazonaws.com	881 B
2	prodperfect.com thought-industries.trackinglibrary.prodperfect.com thought-industries.datapipe.prodperfect.com	21 KB
1	stripe.network m.stripe.network	12 KB
1	wistia.com fast.wistia.com	113 KB
1	sndqar.com 1 redirects beacon2.sndqar.com	248 B
53	14

	Domain	Requested by
9	www.hrandpayroll.com	www.hrandpayroll.com d36ai2hkxl16us.cloudfront.net
7	d36ai2hkxl16us.cloudfront.net	www.hrandpayroll.com d36ai2hkxl16us.cloudfront.net
4	vsa8.tawk.to	static-v.tawk.to
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.hrandpayroll.com www.google-analytics.com
4	fonts.googleapis.com	www.hrandpayroll.com static-v.tawk.to
3	cdn.jsdelivr.net	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
3	js.stripe.com	www.hrandpayroll.com js.stripe.com
2	static-v.tawk.to	embed.tawk.to
2	stats.g.doubleclick.net	www.google-analytics.com
2	f7imwt1lmg.execute-api.us-east-1.amazonaws.com	d36ai2hkxl16us.cloudfront.net
1	thought-industries.datapipe.prodperfect.com	thought-industries.trackinglibrary.prodperfect.com
1	m.stripe.com	m.stripe.network
1	m.stripe.network	js.stripe.com
1	thought-industries.trackinglibrary.prodperfect.com	www.hrandpayroll.com
1	embed.tawk.to	www.hrandpayroll.com
1	fast.wistia.com	www.hrandpayroll.com
1	beacon2.sndqar.com	1 redirects
53	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
www.thoughtindustries.com

Subject Issuer	Validity	Valid
www.hrandpayroll.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-11` - `2021-05-07`	2 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-01-19` - `2021-05-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.trackinglibrary.prodperfect.com Amazon	`2021-02-14` - `2022-03-15`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2021-05-04`	3 months	crt.sh
*.datapipe.prodperfect.com Amazon	`2021-02-27` - `2022-03-28`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh

This page contains 7 frames:

Primary Page: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
Frame ID: 74127F863FFABF378861AAB3E63BFB67
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: B817635998C6A2A938F979A8EEF0F0EA
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D22DF70A1A9BB40632B6A436F23455E4
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 9045AA33EDC003A8472B3BA98BB71318
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: A516FBA3E32B1E325D3B1E1480335E4D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 2B8CD474623FC48D2354BA523169D38D
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/9-r-br.svg
Frame ID: 7B84D1F9A2164757C7419B800A963E42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://beacon2.sndqar.com/TrackItem.aspx?gen=1&IDCust=&IDCamp=ebaecd48-5b0c-4417-a718-f03d5bfe2747&IDC... HTTP 302
https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_0316... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

53
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

19
Subdomains

16
IPs

4
Countries

2065 kB
Transfer

9200 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Workplace+Violence+-+Active+Shooter+Training&url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training&xdOrigin=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&xdChannel=5e482676-7d8c-4210-a8aa-6db99854cdbd&xd_origin_host=https%3A%2F%2Fwww.hrandpayroll.com
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?description=Workplace+Violence+-+Active+Shooter+Training&url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training&media=https%3A%2F%2Fd36ai2hkxl16us.cloudfront.net%2Fthoughtindustries%2Fimage%2Fupload%2Fa_exif%2Cc_lfill%2Cw_600%2Ch_600%2Fv1%2Fcourse-uploads%2F7d71cfc6-62ee-4cfc-8f15-ede17fde5685%2Fbavahv2pf0mg-Active-Shooters_12March.jpeg
Title:

Search URL Search Domain Scan URL

URL: https://www.thoughtindustries.com/
Title: Thought Industries

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://beacon2.sndqar.com/TrackItem.aspx?gen=1&IDCust=&IDCamp=ebaecd48-5b0c-4417-a718-f03d5bfe2747&IDContact=d376964e-84a0-4433-a85b-8da3f0349553&IDRecipient=144EC073-CD9A-42B3-9DE6-D6C6EE27327D&IDLink=769ad981-16e9-47b3-85d4-83fcfdf25f00 HTTP 302
https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set workplace-violence-active-shooter-training Show response
www.hrandpayroll.com/courses/
Redirect Chain

https://beacon2.sndqar.com/TrackItem.aspx?gen=1&IDCust=&IDCamp=ebaecd48-5b0c-4417-a718-f03d5bfe2747&IDContact=d376964e-84a0-4433-a85b-8da3f0349553&IDRecipient=144EC073-CD9A-42B3-9DE6-D6C6EE27327D&I...
https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

56 KB
18 KB

598ms
208ms

Document
text/html

52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

f21d1195ba755585a530eafa50066458b007188f4ff9a9500a0e15818c7328c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hrandpayroll.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Vary: Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=604800
X-Frame-Options: SAMEORIGIN
nonce: n65vhge4kqzc68yvh1rxvav1
Set-Cookie: csrf-token=HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw; path=/; secure; httponly csrf-token.sig=sYAJrPzyTjFjYcVM8Y0wS8ya4kk; path=/; secure; httponly visitId=0.5872724560333831; path=/; expires=Tue, 16 Mar 2021 14:47:12 GMT koa:sess=eyJzZWNyZXQiOiJZaVRPU29UUUcyUEdaTkw0QmgtUVFmQTYifQ==; path=/; secure; httponly koa:sess.sig=j4SSS5sZXf-Zhyb2KHL9laUj7IU; path=/; secure; httponly
csrfToken: HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Date: Tue, 16 Mar 2021 14:17:12 GMT
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
location: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 16 Mar 2021 14:17:11 GMT
content-length: 264

GET
H/1.1 200
OK bundle-84f599deb6e05a8dba70b401c067a4c7.css
d36ai2hkxl16us.cloudfront.net/v3/dist/ 645 KB
109 KB 122ms
35ms Stylesheet
text/css 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/bundle-84f599deb6e05a8dba70b401c067a4c7.css
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-105.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b435b42ec1967d4d3c38e36df6e4c52de12c54b86eb07141a085e330913fb4ca

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 20:05:28 GMT
Content-Encoding: gzip
Age: 411105
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 10 Mar 2021 02:11:09 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:84f599deb6e05a8dba70b401c067a4c7
ETag: W/"84f599deb6e05a8dba70b401c067a4c7"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: O7vXebv3dcHsLFfITmzFW6kvcQImsK_3QhajKuIQ7WiEfvaqGSNLIQ==

GET
H/1.1 200
OK 7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
www.hrandpayroll.com/appearance/company/ 1 KB
1 KB 354ms
278ms Stylesheet
text/css 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

a3ddad0d85359172655db65676f5881f77cea8a0b7fe236d6cf2ab3c5d8bc4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nonce: sjksz50bu5f23x925p94tq0t
csrfToken: HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw
Date: Tue, 16 Mar 2021 14:17:13 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK vendor.gulp.bundle.38ae180e.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 1021 KB
286 KB 115ms
29ms Script
application/javascript 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-105.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b810a5c80d14b229bf6ae5fd4bfc8ad045c106f7fd733d3a5a39ab9a8d65e64

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 01:07:58 GMT
Content-Encoding: gzip
Age: 3157755
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 16 Nov 2020 19:44:18 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:38ae180ec40c828eb3b9b1a8eac27641
ETag: W/"38ae180ec40c828eb3b9b1a8eac27641"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 3LWbdIlTYAtmywzH1ByuDn-K3R6gkTWvpdWZSVvItpkiXMeFc0XxIg==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 620 KB
113 KB 155ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69d391fbea4eb4835c884a48fda5371748c8d45078bb82e7b341fef756441e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 889
x-cache: HIT, HIT
content-length: 115646
x-served-by: cache-dca17733-DCA, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 89
last-modified: Tue, 16 Mar 2021 13:52:40 GMT
x-timer: S1615904233.262581,VS0,VE0
etag: "6050b828-1c3be"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 331

GET
H2 200 / Show response
js.stripe.com/v3/ 216 KB
57 KB 154ms
30ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3476da9ad7885bc6c8550216c9873839abb5b2ecc3ff25e597dee621ceca8c89

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:12 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 262
via: 1.1 varnish
x-cache: HIT
content-length: 57502
x-amz-id-2: 55wcaeSd+cavS6/+xCdmbNrd6zztFXJHL1p6ueBO99BKCxDNdviJH/4Hgy3x6Nmu5/tGvu5XM04=
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
last-modified: Mon, 15 Mar 2021 22:27:59 GMT
server: AmazonS3
etag: "1b6644838b1a7f810d05848b6f2421af"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: BQ4JZ8M97GEN0GY2
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 240

GET
H/1.1 200
OK main-34103b59e489f2722ef5.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 5 MB
997 KB 85ms
31ms Script
application/javascript 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/main-34103b59e489f2722ef5.bundle.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-105.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e5389f0db78447f9a50d4217281adcb15744c8b90dc5f42d991c830027f18dd

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 19:18:15 GMT
Content-Encoding: gzip
Age: 68338
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Mar 2021 19:03:38 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:850092f43cb28fbb8cf34b85f289c047
ETag: W/"850092f43cb28fbb8cf34b85f289c047"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: MHLNqH5JbXSSL9Ctkx-rBkvXIXGK8rLzwruVUGZxbcazzFHs5SqXEg==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
948 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3bb29d52da34c217f74ea0b6165284d0c66cfa62ca8b7fe77231aee281d89e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 14:17:13 GMT
server: ESF
date: Tue, 16 Mar 2021 14:17:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 14:17:13 GMT

GET
H2 200 default Show response
embed.tawk.to/5fb53e6c920fc91564c83a75/ 11 KB
4 KB 782ms
663ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d5831ddc477d4c70f73a3c95c4822ea1a68ef9f67043697278289b182b8192d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v3-709-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 630e9a91ed4f2c0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcfeef2e00002c0d80101000000001

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 878
date: Tue, 16 Mar 2021 14:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 16:02:35 GMT

GET
H/1.1 200
OK zazd71fdlwwp9ucucoac.jpg
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/ 43 KB
44 KB 25ms
25ms Image
image/jpeg 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/zazd71fdlwwp9ucucoac.jpg

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 02:55:48 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 3496885
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=145;cpu=0;start=2021-02-04T02:55:48.358Z;desc=miss,rtt;dur=5,cloudinary;dur=51;start=2021-02-04T02:55:48.403Z
Content-Length: 44049
Last-Modified: Mon, 10 Jul 2017 15:43:33 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "2777382f5229810b5d5f660b94b47485"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ceiHCKJLltYbc0UeM9etTzFDnMy0xQa2wo2yD3w86Ia5Li4lzFsMPw==

GET
H2 200 keen-tracking.min.js Show response
thought-industries.trackinglibrary.prodperfect.com/ 70 KB
21 KB 74ms
13ms Script
application/javascript 2600:9000:214f:3200:1c:e067:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thought-industries.trackinglibrary.prodperfect.com/keen-tracking.min.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3200:1c:e067:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5970265baad138586a80f10ae2a655c08596685c297ebb841f45b4234d0c8bca

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wQTnDvuB2vZJBU577gxabMnUN0.BGo5Z
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 19:43:36 GMT
server: AmazonS3
age: 69823
etag: W/"44a5974f23726792e0e2b7553540eb8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
date: Mon, 15 Mar 2021 22:04:42 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nRsFPTeNknW3AQXT3a9BFN1qyvnjrT1RfhDaFrxC-Qgmo0h0-pwv6g==

GET
H/1.1 200
OK cart Show response
www.hrandpayroll.com/orders/ 37 B
493 B 131ms
130ms XHR
application/json 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/orders/cart

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: n65vhge4kqzc68yvh1rxvav1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 37
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 7f70b6a0-3ce8-4775-bc3e-c5befada0e1b Show response
www.hrandpayroll.com/learn/appearanceBlocks/ 741 B
1 KB 117ms
116ms XHR
application/json 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/appearanceBlocks/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

8fce468a96af3813141e60e330274e58d8a8b7fae01f24aef07e162fc3873de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: n65vhge4kqzc68yvh1rxvav1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: ifkk6k8f53mroriadua2gxss
csrfToken: HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 741
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK a61ba6d5-8e84-458c-99d4-390ccdc78b46 Show response
www.hrandpayroll.com/learn/micrositeFooterBlocks/ 320 B
722 B 249ms
134ms XHR
application/json 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/micrositeFooterBlocks/a61ba6d5-8e84-458c-99d4-390ccdc78b46

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: n65vhge4kqzc68yvh1rxvav1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: ugtzcil518e629wfupqknlzh
csrfToken: HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 320
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 288d778f-8c4f-42fe-8342-9ed9842f2da8 Show response
www.hrandpayroll.com/learn/micrositeHeaderBlocks/ 503 B
905 B 256ms
132ms XHR
application/json 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/micrositeHeaderBlocks/288d778f-8c4f-42fe-8342-9ed9842f2da8?

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

46fe00bc5a48088497ea24d1b221d9146644a423ace2a3f176acfd9279c256c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: n65vhge4kqzc68yvh1rxvav1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: lcbpfomer83fj5ms0hp7g3ct
csrfToken: HozaYAZp-wYGMlP50lSdmCWAxP4sesZe8sQw
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 503
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame B817 215 B
589 B 30ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hrandpayroll.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hrandpayroll.com/

Response headers

x-amz-id-2: xTMM55a3F222lKrQfeqz2jC5PJ5rctf4KceKmvpC8Ec/JjWUs9Ir+hXHZySedWRV5heKEMYNqXI=
x-amz-request-id: C3EQV95Y1X51Y3MZ
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
etag: "0cba8a995d163797499ab006bbb6b889"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 16 Mar 2021 14:17:14 GMT
via: 1.1 varnish
age: 39
x-served-by: cache-fra19122-FRA
x-cache: HIT
x-cache-hits: 83
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 185

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v17/ 30 KB
30 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v17/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:59:57 GMT
server: sffe
age: 412544
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30296
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:30 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
890 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1843
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Tue, 16 Mar 2021 14:46:31 GMT

GET
H/1.1 200
OK nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 14 KB
14 KB 614ms
614ms Image
image/png 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

b54afb8c17fa8cda50fe0ef2bc109178c905df1ed71d2836f5443ed4e86f466b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 14:17:15 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Server-Timing: fastly;dur=580;cpu=1;start=2021-03-16T14:17:14.432Z;desc=miss,rtt;dur=1,cloudinary;dur=195;start=2021-03-16T14:17:14.767Z
Content-Length: 13847
Last-Modified: Thu, 15 Oct 2020 16:10:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "ca6beead094c4b62903dad92f4b3e2c9"
Strict-Transport-Security: max-age=604800
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: IJlgGQSivwqLduUBJM_lsCi6cvIeaiibmwStmRJg9FGzpfjBRu-KMQ==

POST
H/1.1 200
OK graphql Show response
www.hrandpayroll.com/ 10 KB
4 KB 206ms
206ms Fetch
text/plain 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/graphql

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/main-34103b59e489f2722ef5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

70e7c094c53edcd5565731ff31a5dcbd05e1e63b0b37bbfb1046dd2f2883de73

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: lcbpfomer83fj5ms0hp7g3ct
authToken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nonce: 6cjd06qfvxhmuzgd98muym9t
csrfToken: 9AhI9VAF-Wur1HAelH4somB4d19DdVnOSSws
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B817 1 KB
880 B 24ms
23ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 88
via: 1.1 varnish
x-cache: HIT
content-length: 699
x-amz-id-2: KdsczMbxi1LUH6ibEZ3gWqsP+9FjfF9kstBrS4ZAuQ9mvXj6u0q/ZAKzAzRIhsWLXaoHabEu8z0=
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
etag: "356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: WBSQ3B4QCJVW17A4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 161

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D22D 33 KB
12 KB 36ms
30ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 16 Mar 2021 14:17:14 GMT
age: 59
x-served-by: cache-sea4425-SEA, cache-fra19122-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 96
x-timer: S1615904235.505070,VS0,VE0
vary: Accept-Encoding
content-length: 12226

OPTIONS
H/1.1 200
OK views
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/ Frame 0
0 362ms
304ms Preflight
application/json 143.204.202.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Protocol: HTTP/1.1
Server: 143.204.202.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-45.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authtoken,nonce
Origin: https://www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Date: Tue, 16 Mar 2021 14:17:15 GMT
x-amzn-RequestId: 28f3633b-86ae-4043-b7ef-7943e1ea0252
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
x-amz-apigw-id: cSKcwER4oAMFSjg=
Access-Control-Allow-Methods: OPTIONS,POST
X-Cache: Miss from cloudfront
Via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: ACYBaN4wdK50FBwmO9GlasEZg7d-teQ-3zkbPprXD-059Q0tyvxNBA==

POST
H/1.1 201
Created views Show response
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/ 224 B
881 B 403ms
402ms XHR
text/plain 143.204.202.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-45.fra53.r.cloudfront.net
Software: /
Resource Hash: 5560a645ed6644535d72edff7b81d09eb38d5e6f04adc80a358121f010797d78

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/
nonce: lcbpfomer83fj5ms0hp7g3ct
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Date: Tue, 16 Mar 2021 14:17:15 GMT
Via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
x-amzn-RequestId: 4b1d8202-ee9d-4a3f-9676-9c25567b1a0b
X-Cache: Miss from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-6050bdeb-2a49bebb7fd3134e6b5d42d5;Sampled=0
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
Connection: keep-alive
x-amz-apigw-id: cSKczGuroAMFfGg=
Content-Length: 224
X-Amz-Cf-Id: WXjwmCEQBlhdB6l__hcJLyuX-mt8cz4vgmLrEj72Hk0w0UY7H3H3HQ==

GET
H/1.1 200
OK keep_alive Show response
www.hrandpayroll.com/learn/ 22 B
423 B 130ms
125ms XHR
application/json 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/keep_alive

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.38ae180e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: lcbpfomer83fj5ms0hp7g3ct
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: djbdlnvqza7d5np4gvoez11k
csrfToken: 9AhI9VAF-Wur1HAelH4somB4d19DdVnOSSws
Date: Tue, 16 Mar 2021 14:17:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 22
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-186820055-1&cid=923040423.1615904234&jid=981066635&gjid=133913763&_gid=1683423190.1615904234&_u=KGhAgEIRAAAAAE~&z=1895967896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 14:17:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.hrandpayroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-48457520-3&cid=923040423.1615904234&jid=1161304007&gjid=775933561&_gid=2012019614.1615904234&_u=KGhAgEIRAAAAAE~&z=723804288

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 14:17:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.hrandpayroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 9ms
7ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=486499000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&dp=%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&ul=en-us&de=UTF-8&dt=%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGhAgEIR~&jid=981066635&gjid=133913763&cid=923040423.1615904234&tid=UA-186820055-1&_gid=1683423190.1615904234&z=1442755202

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 9ms
7ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=486499000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&dp=%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&ul=en-us&de=UTF-8&dt=%2Fcourses%2Fworkplace-violence-active-shooter-training%3Futm_source%3DSquizmail_031621%26utm_medium%3Demail%26utm_content%3DAS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGhAgEIRAAAAAE~&jid=1161304007&gjid=775933561&cid=923040423.1615904234&tid=UA-48457520-3&_gid=2012019614.1615904234&z=1381813962

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 20:21:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64541
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bavahv2pf0mg-Active-Shooters_12March.jpeg
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 54 KB
55 KB 41ms
39ms Image
image/jpeg 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/bavahv2pf0mg-Active-Shooters_12March.jpeg

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

6bd7bf62f497ac6ad087e0783e7abbc5c1838c000d0f19da3dbfbc90e09fdb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 14:17:15 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Server-Timing: fastly;dur=2;cpu=1;start=2021-03-16T14:17:15.008Z;desc=hit,rtt;dur=3
Content-Length: 55273
Last-Modified: Fri, 12 Mar 2021 09:46:46 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "2e94a6f5184135f02342b16e960dc2b7"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: veaUEZCjYrTvGCY5lZnAS_CHbDv8D4scGwD5zz2DYuxHeaY_MDyWfg==

GET
H3-Q050 200 XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
fonts.gstatic.com/s/sintony/v8/ 8 KB
8 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHj2YDqR7-98cVUGYgIr9AJkw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 14:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:23:06 GMT
server: sffe
age: 345239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8324
x-xss-protection: 0
expires: Sat, 12 Mar 2022 14:23:16 GMT

GET
H3-Q050 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:25:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
age: 481912
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
expires: Fri, 11 Mar 2022 00:25:23 GMT

GET
H3-Q050 200 XoHm2YDqR7-98cVUETMtug.woff2
fonts.gstatic.com/s/sintony/v8/ 8 KB
8 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHm2YDqR7-98cVUETMtug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:04:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:23:05 GMT
server: sffe
age: 475943
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:04:52 GMT

GET
H/1.1 200
OK ti-icons-rev2.2.6.ttf
d36ai2hkxl16us.cloudfront.net/fonts/ 65 KB
65 KB 466ms
408ms Font
binary/octet-stream 143.204.101.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/fonts/ti-icons-rev2.2.6.ttf
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/bundle-84f599deb6e05a8dba70b401c067a4c7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-105.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://d36ai2hkxl16us.cloudfront.net/v3/dist/bundle-84f599deb6e05a8dba70b401c067a4c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 14:17:16 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Vary: Origin
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 66060
Last-Modified: Tue, 01 Dec 2020 00:22:43 GMT
Server: AmazonS3
ETag: "ce4a2dfa4b9fbe97aa8b16639b1c58e7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, PUT
x-amz-version-id: F4shChbtuwJP5Z37P_oK8MUpB6o8ptFI
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Type: binary/octet-stream
X-Amz-Cf-Id: GUPP7mlufiKm1pb_MEI7IU_4DRPjNF2oltMKJoHfpTXMDnPyf7tJ7A==

POST
H/1.1 200
OK graphql Show response
www.hrandpayroll.com/ 130 B
526 B 155ms
155ms Fetch
text/plain 52.6.19.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/graphql

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/main-34103b59e489f2722ef5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.19.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-19-39.compute-1.amazonaws.com

Software

Resource Hash

dfbdbad329526b4311d4c88a4b0fd7879f7d973a84aa32e6dec760de977fbff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/courses/workplace-violence-active-shooter-training?utm_source=Squizmail_031621&utm_medium=email&utm_content=AS
nonce: djbdlnvqza7d5np4gvoez11k
authToken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: 4kwzb1v0dhno531v52nl1j12
csrfToken: 9AhI9VAF-Wur1HAelH4somB4d19DdVnOSSws
Date: Tue, 16 Mar 2021 14:17:15 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Content-Length: 130
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

POST
H2 200 6 Show response
m.stripe.com/ Frame D22D 156 B
518 B 587ms
210ms XHR
text/plain 34.213.158.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.158.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-158-125.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ba516f819543878a9a264a535fc7957f40317b811e6cd068829ef3300ed039fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Mar 2021 14:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
111 KB 678ms
670ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.hrandpayroll.com
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcfef89800002c0d3f0ad000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 630e9aa0fb612c0d-FRA

POST
H2 204 pageviews
thought-industries.datapipe.prodperfect.com/v1/3.0/projects/Dc5P592JoKCZ1lrISONIyWjH/events/ 0
354 B 416ms
354ms Other
text/plain 143.204.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thought-industries.datapipe.prodperfect.com/v1/3.0/projects/Dc5P592JoKCZ1lrISONIyWjH/events/pageviews?api_key=0H20LPYK642MYFMAJI7PJ46SN45TLHRX0O4HMR7FXO3VMR3569CLSS51A71IVZ2KNFQZVK3F8J9DJJUWPYJUIHTXA9N570GMO58LV428JEBB7CHVVJ0CVYNQ8NT26KNDIUR4YSZ5B38QPD8BX9POWNFCSZ54RTJRQ3P9JMMVGLVNLR2BUFTXB24Z6VZMLUXO

Requested by

Host: thought-industries.trackinglibrary.prodperfect.com
URL: https://thought-industries.trackinglibrary.prodperfect.com/keen-tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-56.fra53.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Mar 2021 14:17:16 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 0163a211-308c-4cc7-ad16-b1a5a8cb6648
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6050bdeb-19ca2029376944e72e0a5102;Sampled=0
x-amz-apigw-id: cSKc4FsnIAMFyNA=
x-amz-cf-id: EEbRcFqb4qkfe6OnyXGFVJJIQH7LZhDO2nbKEB8pTBCfEAx9SM-Ttw==

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 800ms
797ms XHR
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5fb53e6c920fc91564c83a75&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69dc064ed45db0d812f5b67ebe72b7034a3973cfe32675a62a3690b349b2f159

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcfefb6600002c0d74b2f000000001
x-served-by: visitor-application-preemptive-22fc
server: cloudflare
etag: W/"1-7-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 630e9aa56b032c0d-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H2 200 1615904236426 Show response
va.tawk.to/register/ 1 KB
2 KB 241ms
225ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1615904236426

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e622b9d141f33037e3cbad0dc89ae7042200623f326befcafdd7a15c3040a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Mar 2021 14:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcfefb9d0000536a74133000000001
x-served-by: visitor-application-preemptive-g761
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.hrandpayroll.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 630e9aa5ca64536a-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 css
fonts.googleapis.com/ Frame 9045 7 KB
671 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 14:03:05 GMT
server: ESF
date: Tue, 16 Mar 2021 14:17:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 14:17:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A516 7 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 14:06:38 GMT
server: ESF
date: Tue, 16 Mar 2021 14:17:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 14:17:17 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2B8C 7 KB
805 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 14:09:44 GMT
server: ESF
date: Tue, 16 Mar 2021 14:17:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 14:17:17 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 2B8C 192 B
276 B 30ms
9ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2992688
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19153-FRA, cache-hhn4038-HHN
date: Tue, 16 Mar 2021 14:17:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 2B8C 295 KB
53 KB 28ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2992689
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19161-FRA, cache-hhn4038-HHN
date: Tue, 16 Mar 2021 14:17:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa8.tawk.to/s/ 101 B
204 B 668ms
654ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa8.tawk.to/s/?k=6050bdecb63ea377fcd2c1f7&u=NIw1tkqzOWrUbdO6GisSFUUif4sMrvZeROir9mByeBwmZFJSplGLBzGmdzBYGDFo&uv=2&a=5fb53e6c920fc91564c83a75&cver=0&pop=false&jv=709&asver=226&ust=false&EIO=3&transport=polling&__t=NWxPURD

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97bb3b21de00b3ae33bb0e3fb24c6b0b080336e07f44fe5c9c09a8c9bdc7a96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 630e9aab0b1a536a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 08dcfefee50000536a6a3ff000000001

GET
H2 200 9-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 7B84 5 KB
2 KB 14ms
11ms Image
image/svg+xml 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-v.tawk.to/a-v3/images/bubbles/9-r-br.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f95cc2911bff5a94bf4eed95499541b28eb9af83d2da096aa700461fb434bfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 887961
x-cache-status: STALE
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcfefedb0000536abe122000000001
last-modified: Fri, 15 Jan 2021 12:12:52 GMT
server: cloudflare
etag: W/"698f16ea8000954f23df2cf2572b6349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 630e9aaafb01536a-FRA

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 2B8C 413 B
737 B 10ms
8ms Image
image/png 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2992686
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19122-FRA, cache-hhn4038-HHN
date: Tue, 16 Mar 2021 14:17:17 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa8.tawk.to/s/ 77 B
186 B 181ms
181ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

677d9f71ea525a1b06da29aec7e587246b904965d6104d18fc66f4efb842806f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 630e9aaf2a27536a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 08dcff01760000536a682db000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
245 B 222ms
221ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Mar 2021 14:17:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcff022d0000536ada8d0000000001
x-served-by: visitor-application-preemptive-8dhw
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hrandpayroll.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 630e9ab04c68536a-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 / Show response
vsa8.tawk.to/s/ 4 B
89 B 763ms
763ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:17:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 630e9ab04c6b536a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 08dcff022e0000536abb9f9000000001

POST
H2 200 / Show response
vsa8.tawk.to/s/ 2 B
120 B 669ms
669ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Mar 2021 14:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 630e9ab369d0536a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcff04240000536ad9bbf000000001

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.hrandpayroll.com/	1970-01-20 01:37:20	Name: keen Value: {%22uuid%22:%229e4723ff-910f-4f08-bf39-7b83e0e70ae2%22%2C%22initialReferrer%22:null}
			www.hrandpayroll.com/	1970-01-19 16:51:46	Name: prodperfect_session Value: {%22session_uuid%22:%22532beaa8-178a-4e39-bfea-f6b38bbc45dd%22}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon2.sndqar.com
cdn.jsdelivr.net
d36ai2hkxl16us.cloudfront.net
embed.tawk.to
f7imwt1lmg.execute-api.us-east-1.amazonaws.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
static-v.tawk.to
stats.g.doubleclick.net
thought-industries.datapipe.prodperfect.com
thought-industries.trackinglibrary.prodperfect.com
va.tawk.to
vsa8.tawk.to
www.google-analytics.com
www.hrandpayroll.com
143.204.101.105
143.204.202.45
143.204.202.56
151.101.12.176
195.95.161.225
2600:9000:214f:3200:1c:e067:200:93a1
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9c
2a04:4e42:1b::621
2a04:4e42:1b::622
34.213.158.125
52.6.19.39
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e622b9d141f33037e3cbad0dc89ae7042200623f326befcafdd7a15c3040a5
3476da9ad7885bc6c8550216c9873839abb5b2ecc3ff25e597dee621ceca8c89
446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d
46fe00bc5a48088497ea24d1b221d9146644a423ace2a3f176acfd9279c256c2
4b810a5c80d14b229bf6ae5fd4bfc8ad045c106f7fd733d3a5a39ab9a8d65e64
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5560a645ed6644535d72edff7b81d09eb38d5e6f04adc80a358121f010797d78
5970265baad138586a80f10ae2a655c08596685c297ebb841f45b4234d0c8bca
5d5831ddc477d4c70f73a3c95c4822ea1a68ef9f67043697278289b182b8192d
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
677d9f71ea525a1b06da29aec7e587246b904965d6104d18fc66f4efb842806f
69d391fbea4eb4835c884a48fda5371748c8d45078bb82e7b341fef756441e85
69dc064ed45db0d812f5b67ebe72b7034a3973cfe32675a62a3690b349b2f159
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd7bf62f497ac6ad087e0783e7abbc5c1838c000d0f19da3dbfbc90e09fdb94
70e7c094c53edcd5565731ff31a5dcbd05e1e63b0b37bbfb1046dd2f2883de73
769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd
7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e5389f0db78447f9a50d4217281adcb15744c8b90dc5f42d991c830027f18dd
8fce468a96af3813141e60e330274e58d8a8b7fae01f24aef07e162fc3873de4
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24
97bb3b21de00b3ae33bb0e3fb24c6b0b080336e07f44fe5c9c09a8c9bdc7a96f
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a3ddad0d85359172655db65676f5881f77cea8a0b7fe236d6cf2ab3c5d8bc4de
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
b435b42ec1967d4d3c38e36df6e4c52de12c54b86eb07141a085e330913fb4ca
b54afb8c17fa8cda50fe0ef2bc109178c905df1ed71d2836f5443ed4e86f466b
ba516f819543878a9a264a535fc7957f40317b811e6cd068829ef3300ed039fc
bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1
dfbdbad329526b4311d4c88a4b0fd7879f7d973a84aa32e6dec760de977fbff6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36
ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6
ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c
f21d1195ba755585a530eafa50066458b007188f4ff9a9500a0e15818c7328c3
f3bb29d52da34c217f74ea0b6165284d0c66cfa62ca8b7fe77231aee281d89e8
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f95cc2911bff5a94bf4eed95499541b28eb9af83d2da096aa700461fb434bfb5

www.hrandpayroll.com Open in urlscan Pro 52.6.19.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

59 %IPv6

14 Domains

19 Subdomains

16 IPs

4 Countries

2065 kBTransfer

9200 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hrandpayroll.com Open in urlscan Pro
52.6.19.39 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

19
Subdomains

16
IPs

4
Countries

2065 kB
Transfer

9200 kB
Size

2
Cookies

53 HTTP transactions
0 data transactions