aether.trinetexpense.com Open in urlscan Pro
52.37.232.250 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aether.trinetexpense.com/
Submission: On November 20 via api (November 20th 2024, 7:47:54 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 44 HTTP transactions. The main IP is 52.37.232.250, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is aether.trinetexpense.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 21st 2024. Valid for: a year.

This is the only time aether.trinetexpense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	52.37.232.250 52.37.232.250	16509 (AMAZON-02) (AMAZON-02)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	216.198.54.3 216.198.54.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (Amobee Am...) (Amobee Amobee EMEA Limited)
2	52.27.247.229 52.27.247.229	16509 (AMAZON-02) (AMAZON-02)
2 2	54.148.98.41 54.148.98.41	16509 (AMAZON-02) (AMAZON-02)
2	52.219.193.66 52.219.193.66	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	216.198.53.3 216.198.53.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	184.25.216.9 184.25.216.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	192.29.68.80 192.29.68.80	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	216.198.53.1 216.198.53.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
3	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.251.29.229 3.251.29.229	16509 (AMAZON-02) (AMAZON-02)
44	16

22 52.37.232.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-232-250.us-west-2.compute.amazonaws.com

aether.trinetexpense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.198.54.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (Amobee Amobee EMEA Limited, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.27.247.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-247-229.us-west-2.compute.amazonaws.com

appcenter.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.98.41 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-98-41.us-west-2.compute.amazonaws.com

sso.trinetcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.193.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.216.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-216-9.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.68.80 (Toronto, Canada) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s383.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.53.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

trinetcloud.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.29.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-29-229.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	trinetexpense.com aether.trinetexpense.com	472 KB
4	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 641 data.pendo.io — Cisco Umbrella Rank: 671	169 KB
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2270 ekr.zdassets.com — Cisco Umbrella Rank: 2553	270 KB
2	eloqua.com 1 redirects s383.t.eloqua.com	1 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6761 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6318	3 KB
2	amazonaws.com trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	106 KB
2	trinetcloud.com 2 redirects sso.trinetcloud.com	1 KB
2	intuit.com appcenter.intuit.com — Cisco Umbrella Rank: 84147	47 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2111	260 KB
1	zendesk.com trinetcloud.zendesk.com	1 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 7174	3 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 4486	398 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
44	14

	Domain	Requested by
22	aether.trinetexpense.com	aether.trinetexpense.com
3	data.pendo.io	cdn.pendo.io
3	static.zdassets.com	aether.trinetexpense.com static.zdassets.com
2	s383.t.eloqua.com	1 redirects aether.trinetexpense.com
2	trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	aether.trinetexpense.com
2	sso.trinetcloud.com	2 redirects
2	appcenter.intuit.com	aether.trinetexpense.com ajax.googleapis.com
2	ajax.aspnetcdn.com	aether.trinetexpense.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	trinetcloud.zendesk.com	static.zdassets.com
1	img.en25.com	aether.trinetexpense.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.pendo.io	aether.trinetexpense.com
1	rum-static.pingdom.net	aether.trinetexpense.com
1	r.turn.com	aether.trinetexpense.com
1	code.jquery.com	aether.trinetexpense.com
1	ajax.googleapis.com	aether.trinetexpense.com
44	17

This site contains links to these domains. Also see Links.

Domain
www.netsuite.com
appcenter.intuit.com
marketplace.intacct.com
itunes.apple.com
play.google.com
www.trinet.com

Subject Issuer	Validity	Valid
trinetexpense.com Amazon RSA 2048 M02	`2024-05-21` - `2025-06-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
zdassets.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.turn.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-26` - `2025-04-26`	a year	crt.sh
*.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
pingdom.net WE1	`2024-11-10` - `2025-02-09`	3 months	crt.sh
cdn.pendo.io WR3	`2024-11-16` - `2025-02-14`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
trinetcloud.zendesk.com E5	`2024-11-07` - `2025-02-05`	3 months	crt.sh
pendo.io WR3	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2024-10-22` - `2025-11-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://aether.trinetexpense.com/
Frame ID: 4F67B69A9B1D7F34CE9E9374EE592641
Requests: 41 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f3054d6.js
Frame ID: 228CF4112E22DFD77C2F3D6084C99243
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TriNet Expense - Expenses Software | Small Business Expense Report Tracking Software

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

44
Requests

93 %
HTTPS

24 %
IPv6

14
Domains

17
Subdomains

16
IPs

5
Countries

1367 kB
Transfer

2403 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.netsuite.com/portal/home.shtml
Title: NetSuite

Search URL Search Domain Scan URL

URL: https://appcenter.intuit.com/trinet-expense?locale=en-us
Title: QuickBooks

Search URL Search Domain Scan URL

URL: http://marketplace.intacct.com/MPListing?lid=a2Di00000009BUXEA2
Title: Intacct

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/trinet-expense/id966762641?mt=8
Title: iPhone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ec.android&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: https://www.trinet.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sso.trinetcloud.com/js/trinet-apps.js HTTP 301
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js

Request Chain 18

https://sso.trinetcloud.com/css/trinet-apps.css HTTP 301
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css

Request Chain 34

https://s383.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled HTTP 302
https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled&elqCookie=1

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aether.trinetexpense.com/ 14 KB
15 KB 1553ms
686ms Document
text/html 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

97255dfe4d93f0b01fc3ae663454ffbd0ed088c873c62be3121c3ed8a8331122

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; style-src 'self' 'unsafe-inline' ;img-src 'self' data:; script-src 'self' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ *.googleapis.com *.jquery.com *.google-analytics.com *.aspnetcdn.com *.intuit.com *.en25.com *.gstatic.com *.pingdom.net *.google.com *.finicity.com *.dwolla.com *.zdassets.com *.trinetcloud-ops.com *.cloudflare.com *.recurly.com *.zendesk.com *.hrpassport.com *.intacct.com *.eloqua.com https://s383.t.eloqua.com *.amazonaws.com *.trinetexpense-ops.com *.trinetexpense.com *.appspot.com *.trinet.com *.googletagmanager.com *.appdynamics.com *.eum-appdynamics.com *.lr-in.com googletagmanager.com *.appdynamics.com *.lr-in.com *.pendo.io *.dwolla.com; style-src 'self' 'unsafe-inline' *;img-src 'self' * data:; script-src 'self' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ *.googleapis.com *.jquery.com *.google-analytics.com *.aspnetcdn.com *.intuit.com *.en25.com *.gstatic.com *.pingdom.net *.google.com *.finicity.com *.dwolla.com *.zdassets.com *.trinetcloud-ops.com *.cloudflare.com *.recurly.com *.zendesk.com *.hrpassport.com *.intacct.com *.eloqua.com https://s383.t.eloqua.com *.amazonaws.com *.trinetexpense-ops.com *.trinetexpense.com *.appspot.com *.trinet.com *.googletagmanager.com *.appdynamics.com *.eum-appdynamics.com *.lr-in.com googletagmanager.com *.appdynamics.com *.lr-in.com *.pendo.io *.dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 19:47:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: Deny

GET
H2 200 topec3.js Show response
aether.trinetexpense.com/js/ec3/ 113 B
319 B 717ms
662ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/topec3.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fd901c02a21c22eed41a7c8dceca45a5c69c223dbfa0f53f11c05fbfdaf38781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-71"
accept-ranges: bytes
content-length: 113
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 jquery-ui.css
ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/themes/redmond/ 36 KB
11 KB 719ms
401ms Stylesheet
text/css 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/themes/redmond/jquery-ui.css

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

ebab64235adeddf9c9c4b361ca4ada789a0faf944fb071ce4c76007cf52fd225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

content-encoding: gzip
etag: "c6525ec7a9cd81:0"
age: 655611
x-content-type-options: nosniff
x-cache: HIT
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: text/css
last-modified: Wed, 20 Jul 2022 20:54:36 GMT
vary: Accept-Encoding
cache-control: public,max-age=31536000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11009
x-xss-protection: 1; mode=block
server: ECAcc (frc/4CD5)

GET
H2 200 trinetLoginId.js Show response
aether.trinetexpense.com/js/ec3/ 198 B
404 B 700ms
663ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/trinetLoginId.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

516ed75d11d33fa4e7239be897e299940cfab8f4dee92743544247f8faf90845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-c6"
accept-ranges: bytes
content-length: 198
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 ec3.min.css
aether.trinetexpense.com/css/ 36 KB
36 KB 487ms
450ms Stylesheet
text/css 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b6d01b6d68da5b98f5ce1ca059b2acade8815afaa39bd257a884a724db74940b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-90e3"
accept-ranges: bytes
content-length: 37091
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 ec3_pages.min.css
aether.trinetexpense.com/css/ 7 KB
7 KB 698ms
661ms Stylesheet
text/css 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

af654cac5141a8faa2d485a7d4e59cd2754ebe5ce0d19301d14cd0885e0b95cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-1aa0"
accept-ranges: bytes
content-length: 6816
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 ec3Global.js Show response
aether.trinetexpense.com/js/ec3/ 2 KB
2 KB 926ms
893ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/ec3Global.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f2a05393134ae6ea77ed76f5e9ebbe50bd7f8b60a8580757089f57e385e2e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-8da"
accept-ranges: bytes
content-length: 2266
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 349ms
36ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

content-encoding: gzip
age: 560883
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 07:59:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:59:32 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 350ms
37ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-2bd8"
age: 1485463
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 8021, 882
x-served-by: cache-lga21989-LGA, cache-mxp6983-MXP
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732132056.615148,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4165
server: nginx

GET
H2 200 jquery-ui.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/ 249 KB
249 KB 380ms
85ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/jquery-ui.min.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE5) /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

cache-control: public,max-age=31536000
timing-allow-origin: *
etag: "cae017e27a9cd81:0"
age: 20793866
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 255084
date: Wed, 20 Nov 2024 19:47:35 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 20:54:20 GMT
server: ECAcc (frc/4CE5)

GET
H2 200 jquery.fix.min.js Show response
aether.trinetexpense.com/js/ 10 KB
10 KB 793ms
692ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/jquery.fix.min.js?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1f6513fcdfdf01fd82bf1f571643b7c402cf7d308c380c17bd7c5bfe6b254d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-28b0"
accept-ranges: bytes
content-length: 10416
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 243ms
48ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"c88d625098ddb649cf216dba2e52435c"
x-amz-version-id: C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
age: 58
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpJzI42eefwczjzR6mqAKP%2FGGjb4iDuugB%2FxiCqIb4eXUx9gCuQOevZK6WxGaahVuWNqg2MdnvGs6YYcXsyQl4DYdppu2HfKkX%2BMwYeL4yRySCvFMj2ipOJPebiKBWhlIJ5D%2B88%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 09:45:04 GMT
vary: Accept-Encoding
x-amz-id-2: pjka0hHjt3S9gXEUQbQm7zS8VbxRvDfHmTJJkEr+IWoTw5Co91sxPuwGc5tdHJ3lvL5IOI2sfzU=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1201E0CPYKWN9678
cf-ray: 8e5af3e3bd87e507-TXL
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 logo.png
aether.trinetexpense.com/img/ec3/common/ 14 KB
14 KB 1018ms
921ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/common/logo.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0f33b91139c2a5e5aed5dc1443b526bbddd6ddcf7f44d7e4f5a29b588b74f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-3794"
accept-ranges: bytes
content-length: 14228
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 devices.png
aether.trinetexpense.com/img/ec3/pages/home/ 219 KB
220 KB 1237ms
1141ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/pages/home/devices.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

380190f45af884b5d6c3ec1eddcb0bc4ecb50bb0c65514b53cdc4e0c50353576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-36d85"
accept-ranges: bytes
content-length: 224645
date: Wed, 20 Nov 2024 19:47:35 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 3381ms
2755ms Image
image/gif 2001:678:cb4:bbbb::11
Amobee Amobee EME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=2YLNz5eikvIPaOyrcLIiGzSb6fRlADyI30-6OZWjiDVkZ9ji-H2OIZnipEjADITHjO67xNCf8aNsDwln0ffIOg&cid=
Requested by: Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (Amobee Amobee EMEA Limited, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 43
pragma: no-cache
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/gif

GET
H2 200 common.min.js Show response
aether.trinetexpense.com/js/ 11 KB
12 KB 3650ms
3600ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/common.min.js?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

02714694c730e51101d8d4a88ba67185b96cc8eae13491aafe62bba3449bbcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-2d93"
accept-ranges: bytes
content-length: 11667
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 intuit.ipp.anywhere-1.2.4.js Show response
appcenter.intuit.com/Content/IA/ 32 KB
33 KB 3648ms
3111ms Script
application/javascript 52.27.247.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://appcenter.intuit.com/Content/IA/intuit.ipp.anywhere-1.2.4.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.247.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-247-229.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

fb534ca5f0229e510ccc3aec0beb68daadc8ae2e2385468b312c5b7d05056188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

x-request-id: 1-673e3cd8-560951b1341802cb1c553cf4
x-amz-version-id: mB6HieeR.2Iqag3eUsoRtMoGWMN5Hi89
etag: "d4b8038483c4222492ea6f2bb3877dbb"
age: 59484
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nU8kx_zneHD3DRBYkT-xJD9lz1iFABaVcyJT0AEYhQgcq--2z83sSg==
date: Wed, 20 Nov 2024 19:47:37 GMT
content-type: application/javascript
last-modified: Thu, 11 Jan 2024 20:14:38 GMT
strict-transport-security: max-age=31536000
x-spanid: 1639cf14-4c06-3db7-64a8-b1f48238bbc0
cache-control: max-age=864000
intuit_tid: 1-673e3cd8-560951b1341802cb1c553cf4
x-envoy-upstream-service-time: 37
x-amzn-trace-id: Root=1-673e3cd8-560951b1341802cb1c553cf4
via: 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33000
x-amz-cf-pop: SEA19-C3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 intuitAnywhere.min.js Show response
aether.trinetexpense.com/js/ec3/ 276 B
483 B 3650ms
3600ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/intuitAnywhere.min.js?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8e1751680f83eb302c4b5806df576842e0f8318850c94bd33fe37506eb37f14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-114"
accept-ranges: bytes
content-length: 276
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H/1.1

200
OK

trinet-apps.1.4.20.min.js Show response
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/
Redirect Chain

https://sso.trinetcloud.com/js/trinet-apps.js
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js

101 KB
101 KB

700ms
265ms

Script
application/javascript

52.219.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js
Requested by: Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/
Protocol: HTTP/1.1
Server: 52.219.193.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 028286d5aacd5d6fba1a2427db47fd5d7bd4bce039a753e49a5b690b74775b3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

x-amz-id-2: kJAxxDRNkHpCo434fVQk8kVdUA71QI8qG15zfIK7obaZvOp/MoxUntiAtSGz6uXbEZOZnLXg2PY=
ETag: "9043990f4380c00b7bdf856d1452a4ec"
x-amz-request-id: 45J7F1NCGEYEFPQN
Accept-Ranges: bytes
Content-Length: 103370
Date: Wed, 20 Nov 2024 19:47:49 GMT
Last-Modified: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js
content-length: 162
date: Wed, 20 Nov 2024 19:47:47 GMT
content-type: text/html
server: nginx

GET
H/1.1

200
OK

trinet-apps.1.4.20.min.css
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/
Redirect Chain

https://sso.trinetcloud.com/css/trinet-apps.css
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css

4 KB
4 KB

1032ms
220ms

Stylesheet
text/css

52.219.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css
Requested by: Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/
Protocol: HTTP/1.1
Server: 52.219.193.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 362656a19c4454ad1880c634baf58b8c29ca96af2f2480ec64b7511116d17771

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

x-amz-id-2: DARj11ov+vD3wpvJEQDhxAzIdjQ3x2/mGLH6zsQLNFZyOcQvBOyRHIagarEndDF1D667NZT+/LI=
ETag: "eca07a4fb5dda228a4cfda9d09056b1c"
x-amz-request-id: 45J310AM0S3XQRDY
Accept-Ranges: bytes
Content-Length: 4062
Date: Wed, 20 Nov 2024 19:47:49 GMT
Last-Modified: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css
content-length: 162
date: Wed, 20 Nov 2024 19:47:47 GMT
content-type: text/html
server: nginx

GET
H2 200 trinetApp.min.js Show response
aether.trinetexpense.com/js/ec3/ 278 B
485 B 3650ms
3603ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/trinetApp.min.js?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

277379e7b8cf7e569aabbba8c30b51c9929314a71036164359c65ec19ad00e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-116"
accept-ranges: bytes
content-length: 278
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 eloquaEc3.min.js Show response
aether.trinetexpense.com/js/ec3/ 436 B
643 B 3648ms
3601ms Script
application/javascript 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/js/ec3/eloquaEc3.min.js?v=24.06.10.12

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d85d09f62e6ce61d483234ebbca2f74bdf1ec88d2dea2549b1dc00d6af12ff7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355904-1b4"
accept-ranges: bytes
content-length: 436
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 01:57:24 GMT
server: nginx

GET
H2 200 pa-54e6a986abe53dea349f44c4.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 616ms
166ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-54e6a986abe53dea349f44c4.js
Requested by: Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf0173a376d27e98197cfea2f83053723f825733171855903aa767c6b737db9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: W/"63490024-1852"
cf-ray: 8e5af3eafeeabbe6-FRA
expires: Wed, 20 Nov 2024 19:52:36 GMT
access-control-allow-origin: *
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/ 512 KB
168 KB 494ms
55ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/pendo.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

69d4c66c74417cbc825102885fdbd29cbaebc2db7eca3737d3f4158481696ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=AABANQ==, md5=eSnBowPmMzm+3IDTeVYWVQ==
etag: "7929c1a303e63339bedc80d379561655"
age: 676
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 171435
date: Wed, 20 Nov 2024 19:36:20 GMT
last-modified: Wed, 20 Nov 2024 18:16:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6W_jCRe8w9_lbFjCxiKThHEekfQb8PwFN8c3wVLOoLqr__mDO6tSb0S0i_wZSdXK_ZpWM
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public,max-age=450
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732126612598182
content-length: 171435
server: UploadServer

GET
H2 200 e5bc9dad-abec-4579-b9f8-3ed0974aea6b Show response
ekr.zdassets.com/compose/ 805 B
1 KB 3390ms
3141ms Fetch
application/json 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a396f352cb29dc4c948b9e0989f0d04458d9ceba23d7633da3093c2e6a8fe16

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

access-control-max-age: 7200
x-request-id: 8e508fa3e8f006ee-SEA, 8e508fa3e8f006ee-SEA, 8e508fa3e8f006ee-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: HIT
etag: W/"2a396f352cb29dc4c948b9e0989f0d04"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZb20HvDOOYBEe7XwgEAk03W7fjgE68xIh1L02q7JcGwcNLkGT0uKBwzGnNL104GPmSA5qGX2KRTrF4MmXQUdQHIrzRqJkVaZhZkqs2saS4QN9hLGrYg%2BAQnzuoDIJYT%2F9Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Wed, 20 Nov 2024 19:47:37 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.003835
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8e5af3ec0a1358e4-TXL
access-control-allow-origin: *
x-zendesk-zorg: yes, yes
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bg.png
aether.trinetexpense.com/img/ec3/common/ 339 B
537 B 3607ms
3595ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/common/bg.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5a07196fae3b0d4fcfccb668e4f025a69c8af47f7591d539d79f887b8b7ce14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-153"
accept-ranges: bytes
content-length: 339
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 nav-sub.png
aether.trinetexpense.com/img/ec3/common/ 2 KB
2 KB 3606ms
3595ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/common/nav-sub.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

01d9e72b5fb8e10904c05b50f59ddddba4b1d5547d301058db379a242643baaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-6ab"
accept-ranges: bytes
content-length: 1707
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 ie-border.png
aether.trinetexpense.com/img/ec3/common/ 436 B
634 B 3605ms
3594ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/common/ie-border.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

757d61354a6da418161982de5c3cfa22524ce4f958516328e99630031f42a201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-1b4"
accept-ranges: bytes
content-length: 436
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 icon-home.png
aether.trinetexpense.com/img/ec3/pages/home/ 20 KB
20 KB 3605ms
3595ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/pages/home/icon-home.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5c06527e897b811b71f9fa7c8edf262ea3caf2a65ad15c37b7d3be283693870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-4eca"
accept-ranges: bytes
content-length: 20170
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 ec-mobile.png
aether.trinetexpense.com/img/ec3/pages/home/ 90 KB
91 KB 3605ms
3596ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/pages/home/ec-mobile.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3350505dc85321eb130ca99abbd46d01e296c782925c6ddcf76795bf509fce5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-169fd"
accept-ranges: bytes
content-length: 92669
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 workwith.png
aether.trinetexpense.com/img/ec3/pages/home/ 2 KB
2 KB 3605ms
3596ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/pages/home/workwith.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7ea3fb6a6b551dc406f2d1f139ab8cbd4debdc6558c5ed61f024cc8738bfa635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-6c8"
accept-ranges: bytes
content-length: 1736
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 partners.png
aether.trinetexpense.com/img/ec3/pages/home/ 25 KB
26 KB 3604ms
3595ms Image
image/png 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aether.trinetexpense.com/img/ec3/pages/home/partners.png

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e77bdc7a895a39d8950fe81c40bd99f2b72f7a71b06af772e9d27a39fec72e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/css/ec3_pages.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-65df"
accept-ranges: bytes
content-length: 26079
date: Wed, 20 Nov 2024 19:47:36 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H2 200 web-widget-main-f3054d6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 228C 829 KB
258 KB 64ms
63ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f3054d6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d9f69b82ac472c339c8ada0258a26cb52260a1726a33dc63f2ea87dc0a9390

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"272fa93dfef8986946cca0168e6e0cff"
x-amz-version-id: jvpYwOB_Z03haqkDj6rs8MuIf.2DtBd1
age: 118281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4iDmxV%2B8xhiSqMLJAGicpv1nKsK7e6o1dE%2BYXmk5TTYAp2Fx87F4iSPifD8wSsGa%2F0hECkiYe2Mz%2BbH%2BPA6%2BwKEu9W6Ja6SWH1BzQDyVlizOJgVEKNWEA1Ic4qUtcRHNaRsY%2BN0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 18 Nov 2025 13:50:45 GMT
date: Wed, 20 Nov 2024 19:47:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 18 Nov 2024 13:50:46 GMT
vary: Accept-Encoding
x-amz-id-2: vyai2U0QpyhLmPDsXPJuqa7O6s5+7SgGibri0KQcqpcP1FjRkUTp6i0aNsjce+QxtrbtEAbrH2o=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2TXWJFW1MBZD3CD8
cf-ray: 8e5af437ef7ce507-TXL
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 273ms
94ms Script
application/x-javascript 184.25.216.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/js/ec3/eloquaEc3.min.js?v=24.06.10.12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-216-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
ETag: "cae7da887413db1:0"
X-Content-Type-Options: nosniff
Expires: Wed, 20 Nov 2024 19:47:49 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Date: Wed, 20 Nov 2024 19:47:49 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 30 Sep 2024 20:08:37 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2183
X-XSS-Protection: 1; mode=block

GET
H2 200 intuit.ipp.anywhere.css
appcenter.intuit.com/Content/IA/ 13 KB
14 KB 458ms
457ms Stylesheet
text/css 52.27.247.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://appcenter.intuit.com/Content/IA/intuit.ipp.anywhere.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.247.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-247-229.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

6e77fe08d19fec07f71d5202303938b1a141de12d04f4945ff1860ca35dadfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

x-request-id: 1-673e3ce5-1b146f0153aeda19662317e4
etag: "a6e20a732527fb7208f09be820d5b46b"
x-amz-version-id: iXVbOW1OFFlpDlbv.E.ERDoUH6IYDHuD
age: 80059
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: mZuVSUKVv2SPFNXrvn1pqRDJ2IVi6YJ6uCF5yHDNTD33GYrFOZ9uDA==
date: Wed, 20 Nov 2024 19:47:49 GMT
content-type: text/css
last-modified: Thu, 11 Jan 2024 20:14:38 GMT
strict-transport-security: max-age=31536000
x-spanid: 9f8717ed-b890-b634-a40b-64371b52be3e
cache-control: max-age=864000
intuit_tid: 1-673e3ce5-1b146f0153aeda19662317e4
x-envoy-upstream-service-time: 30
x-amzn-trace-id: Root=1-673e3ce5-1b146f0153aeda19662317e4
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 13337
x-amz-cf-pop: HIO52-P1
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

svrGP.aspx
s383.t.eloqua.com/visitor/v200/
Redirect Chain

https://s383.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled
https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled&elqCookie=1

49 B
448 B

178ms
177ms

Image
image/gif

192.29.68.80
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled&elqCookie=1

Requested by

Host: aether.trinetexpense.com
URL: https://aether.trinetexpense.com/

Protocol

HTTP/1.1

Server

192.29.68.80 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow
Cache-Control: no-store
Pragma: no-cache
X-Content-Type-Options: nosniff
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Length: 49
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Nov 2024 19:47:49 GMT
Content-Type: image/gif

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow
Cache-Control: no-store
Location: https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=370&optin=disabled&elqCookie=1
Pragma: no-cache
X-Content-Type-Options: nosniff
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Length: 262
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Nov 2024 19:47:49 GMT
Content-Type: text/html; charset=utf-8

GET
H2 200 en-us-json-f3054d6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 228C 25 KB
6 KB 58ms
53ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-f3054d6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f3054d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id: nGp2RwuIshusxICDexzwspoNZYDkLec1
age: 118278
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTkM%2B4dVHr42P13x7vreYs3ibdhCvVassB2Rugdxsn1Aeb9HKTgAr3tI5D%2Bk%2Beirjk70hTCq9e4wFRyaU1uSV72zVF5z2MByPs635t7P25%2FD6jesgedlOHr8rOQPHD35tdWnF%2Fg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 18 Nov 2025 13:50:47 GMT
date: Wed, 20 Nov 2024 19:47:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 18 Nov 2024 13:50:48 GMT
vary: Accept-Encoding
x-amz-id-2: 2DAEPQ7FRA6AV0qssl8H4L0ySV4I67Vr26B7qmqHLgXWJUe9Jxu0QCVIAtUGdN9EYcvvPE2Q4Omoy1rPoL7lSQ==
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NWFMW5NRB0F2VBGW
cf-ray: 8e5af43b8819e507-TXL
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
trinetcloud.zendesk.com/embeddable/ Frame 228C 444 B
1 KB 306ms
219ms Fetch
application/json 216.198.53.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f3054d6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d82b97fd65dcba258dd7c8159af7650c709c2c3249dbe249c0136cb830550ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 7200
x-request-id: 8e5af43c1faae50a-WAW
access-control-expose-headers
x-zendesk-origin-server: embeddable-app-server-744d9cc897-28z6b
cf-cache-status: EXPIRED
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8tIgvydsAHcH7ejLc1UMwchJeiHSBHqrhlwK1wl6WjcpXR%2FTzeSTqZ3zc3OM1B9OJCWddJakscj84f5OdKfhvd2Rw6yIjWB%2FqMWuVOeOiWPGh087Q7zVbEhDdXy%2FXkOGMCSXg7A9Jbg"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Wed, 20 Nov 2024 19:47:49 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.002508
last-modified: Wed, 20 Nov 2024 19:47:49 GMT
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e5af43c1faae50a-TXL
access-control-allow-origin: *
x-zendesk-zorg: yes
x-cached: MISS
server: cloudflare

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652
data.pendo.io/data/ptm.gif/ 42 B
103 B 353ms
239ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?v=2.255.2_prod&ct=1732132070046&jzb=eJzFUk1z0zAQ_S86Z2xZthonN5ICAwxNAm1nKMN4VGdpVWxJkdalppP_3lXcmOFSbuDTfujte2-9Xx8Z9g7YnLWAik3Ytbc_A_gKdUvVbJqLLBd8ynk-nbB7HTRaX-ktAar167PTVXVe6Tdu-TG0d7svPQ1QdW07g4c3pmuaCet8Q89vEV2Yp6kCvAWfoNcGEB4cmABJbduUsM5bF9j88UgUw5e4COaU6Qc9lEOrdOSi8Lv2ASujoouYN-qP1NvmOao19kMUUOGxGC3453qjzE2nbmILTHXxme1Hl0eBg9G_jSKcUx4MvhrRVNoOTwVPsywVXBQEugcftDWxnAgpE1HRara_B5yr63cjLQ4J6xar8uHyRyh5u-MXSxu34Mnxofl2tVms3UK8l6dN9mFdRpEQIsmhfXW2_lTc2aLdLK8uV782h_auA1OTNk5n0SPQn5GS7yfjyTRWbV86mYKA_-xkopijhJO8yJOTGX1lKaWc_ae9ZePexGy2__YEAPsVdg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=63072000
access-control-max-age: 600
cache-control: no-store
x-envoy-upstream-service-time: 75
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Wed, 20 Nov 2024 19:47:50 GMT
content-type: image/gif
server: istio-envoy
access-control-allow-headers: *

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652 Show response
data.pendo.io/data/guide.js/ 3 KB
953 B 341ms
234ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?id=13&jzb=eJx9T8tOAzEM_Jecq00b0cveEA-JAw-Jh8QpsnZNG5Q4wfFWXaH99yZsKXDhNjMe2zOfaueyk8g3vWqVfbi6u7y3T9Zdp4vbHN4_Xke1UNB1cSCpFhq8X6iBfXFvRVJutQaULXIj7AgF9wkpY9PFoMtq9P3Lz4N5O6BADwKqPX2v0P2ToFxLQKP98hSOAVyNUOCb4yyWIODMPfyhHP0RdU7GGWUB-RZrMT7qHmgzwKaOkOzzo5pO3UvAQhIwkpz_lkqR6jdLvVppszRn5c4OObtIVW7Met0Ymzj2apoOxE92WA&v=2.255.2_prod&ct=1732132070051

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

d1400d3d9c84f8dabd8731f590d0d4f33643cdb21a5dca09a30c0d8b78d882e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

access-control-max-age: 600
content-encoding: gzip
access-control-allow-methods: GET,POST
x-content-type-options: nosniff
alt-svc: clear
date: Wed, 20 Nov 2024 19:47:50 GMT
content-type: application/javascript
access-control-allow-headers: *
strict-transport-security: max-age=63072000
cache-control: no-store
x-envoy-upstream-service-time: 32
access-control-allow-credentials: false
via: 1.1 google
access-control-allow-origin: *
content-length: 865
server: istio-envoy

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652
data.pendo.io/data/guide.gif/ 42 B
311 B 268ms
162ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/guide.gif/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1732132070054&v=2.255.2_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=63072000
access-control-max-age: 600
cache-control: no-store
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Wed, 20 Nov 2024 19:47:50 GMT
content-type: image/gif
server: istio-envoy
access-control-allow-headers: *

GET
H2 200 favicon.ico
aether.trinetexpense.com/ 11 KB
11 KB 209ms
209ms Other
image/x-icon 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aether.trinetexpense.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-232-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67355903-2c1e"
accept-ranges: bytes
content-length: 11294
date: Wed, 20 Nov 2024 19:47:50 GMT
content-type: image/x-icon
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 248ms
56ms XHR
text/plain 3.251.29.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=54e6a986abe53dea349f44c4&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=26&cE=832&dLE=25&dLS=7&fS=0&hS=239&rE=-1&rS=-1&reS=859&resS=1513&resE=1659&uEE=-1&uES=-1&dL=1596&dI=15405&dCLES=15405&dCLEE=15421&dC=16344&lES=16344&lEE=16346&s=nt&title=TriNet%20Expense%20-%20Expenses%20Software%20%7C%20Small%20Business%20Expense%20Report%20Tracking%20Software&path=https%3A%2F%2Faether.trinetexpense.com%2F&ref=&sId=zr4970im&sST=1732132070&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-54e6a986abe53dea349f44c4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.29.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-29-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Wed, 20 Nov 2024 19:47:50 GMT
Pragma: no-cache
Connection: keep-alive

GET
H2 200 favicon.ico
aether.trinetexpense.com/ 11 KB
0 0ms
0ms Other
image/x-icon 52.37.232.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aether.trinetexpense.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.232.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-232-250.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://aether.trinetexpense.com/

Response headers

accept-ranges: bytes
content-length: 11294
date: Wed, 20 Nov 2024 19:47:50 GMT
etag: "67355903-2c1e"
content-type: image/x-icon
last-modified: Thu, 14 Nov 2024 01:57:23 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.turn.com/	1970-01-21 05:28:04	Name: uid Value: 2704288108242157812
sso.trinetcloud.com/	1970-01-21 01:18:56	Name: AWSALBCORS Value: enTePP8Sid7Q793jYlQ838wy7n9KUFMIcVvgolW5gX/q94a02mOZCkmBiQ5NX27z7oLOqS8NyP+elu4JFtRyZErfCn7eAqZ5IPOvoYOKRD2De9flag5TnA90+fbu
.eloqua.com/	1970-01-21 10:37:40	Name: ELOQUA Value: GUID=6A4DC6A4DFEC4DB98BB0332944056491
.eloqua.com/	1970-01-21 10:37:40	Name: ELQSTATUS Value: OK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; style-src 'self' 'unsafe-inline' ;img-src 'self' data:; script-src 'self' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aether.trinetexpense.com
ajax.aspnetcdn.com
ajax.googleapis.com
appcenter.intuit.com
cdn.pendo.io
code.jquery.com
data.pendo.io
ekr.zdassets.com
img.en25.com
r.turn.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s383.t.eloqua.com
sso.trinetcloud.com
static.zdassets.com
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com
trinetcloud.zendesk.com
152.199.19.160
184.25.216.9
192.29.68.80
2001:678:cb4:bbbb::11
216.198.53.1
216.198.53.3
216.198.54.3
2606:4700:10::ac43:5d8
2a00:1450:4001:803::200a
2a04:4e42:600::649
3.251.29.229
34.107.204.85
34.36.213.229
52.219.193.66
52.27.247.229
52.37.232.250
54.148.98.41
01d9e72b5fb8e10904c05b50f59ddddba4b1d5547d301058db379a242643baaf
02714694c730e51101d8d4a88ba67185b96cc8eae13491aafe62bba3449bbcab
028286d5aacd5d6fba1a2427db47fd5d7bd4bce039a753e49a5b690b74775b3e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0f33b91139c2a5e5aed5dc1443b526bbddd6ddcf7f44d7e4f5a29b588b74f9f7
1f6513fcdfdf01fd82bf1f571643b7c402cf7d308c380c17bd7c5bfe6b254d86
277379e7b8cf7e569aabbba8c30b51c9929314a71036164359c65ec19ad00e3b
2a396f352cb29dc4c948b9e0989f0d04458d9ceba23d7633da3093c2e6a8fe16
2cf0173a376d27e98197cfea2f83053723f825733171855903aa767c6b737db9
2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3350505dc85321eb130ca99abbd46d01e296c782925c6ddcf76795bf509fce5a
362656a19c4454ad1880c634baf58b8c29ca96af2f2480ec64b7511116d17771
380190f45af884b5d6c3ec1eddcb0bc4ecb50bb0c65514b53cdc4e0c50353576
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
516ed75d11d33fa4e7239be897e299940cfab8f4dee92743544247f8faf90845
5a07196fae3b0d4fcfccb668e4f025a69c8af47f7591d539d79f887b8b7ce14d
5c06527e897b811b71f9fa7c8edf262ea3caf2a65ad15c37b7d3be283693870f
69d4c66c74417cbc825102885fdbd29cbaebc2db7eca3737d3f4158481696ce8
6e77fe08d19fec07f71d5202303938b1a141de12d04f4945ff1860ca35dadfa3
757d61354a6da418161982de5c3cfa22524ce4f958516328e99630031f42a201
7d82b97fd65dcba258dd7c8159af7650c709c2c3249dbe249c0136cb830550ee
7ea3fb6a6b551dc406f2d1f139ab8cbd4debdc6558c5ed61f024cc8738bfa635
8e1751680f83eb302c4b5806df576842e0f8318850c94bd33fe37506eb37f14f
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
97255dfe4d93f0b01fc3ae663454ffbd0ed088c873c62be3121c3ed8a8331122
af654cac5141a8faa2d485a7d4e59cd2754ebe5ce0d19301d14cd0885e0b95cf
b6d01b6d68da5b98f5ce1ca059b2acade8815afaa39bd257a884a724db74940b
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
d1400d3d9c84f8dabd8731f590d0d4f33643cdb21a5dca09a30c0d8b78d882e3
d85d09f62e6ce61d483234ebbca2f74bdf1ec88d2dea2549b1dc00d6af12ff7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9f69b82ac472c339c8ada0258a26cb52260a1726a33dc63f2ea87dc0a9390
e77bdc7a895a39d8950fe81c40bd99f2b72f7a71b06af772e9d27a39fec72e80
ebab64235adeddf9c9c4b361ca4ada789a0faf944fb071ce4c76007cf52fd225
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2a05393134ae6ea77ed76f5e9ebbe50bd7f8b60a8580757089f57e385e2e1fd
fb534ca5f0229e510ccc3aec0beb68daadc8ae2e2385468b312c5b7d05056188
fd901c02a21c22eed41a7c8dceca45a5c69c223dbfa0f53f11c05fbfdaf38781
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

aether.trinetexpense.com Open in urlscan Pro 52.37.232.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

24 %IPv6

14 Domains

17 Subdomains

16 IPs

5 Countries

1367 kBTransfer

2403 kBSize

4 Cookies

6 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aether.trinetexpense.com Open in urlscan Pro
52.37.232.250 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

24 %
IPv6

14
Domains

17
Subdomains

16
IPs

5
Countries

1367 kB
Transfer

2403 kB
Size

4
Cookies

44 HTTP transactions
0 data transactions