hr.ease.com Open in urlscan Pro
104.17.73.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ec.easecentral.com/NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwyHws9jvZpss-aPoahELnu...
Effective URL:
https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAG...
Submission Tags: falconsandbox
Submission: On April 14 via api (April 14th 2022, 6:55:54 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 63 HTTP transactions. The main IP is 104.17.73.206, located in and belongs to CLOUDFLARENET, US. The main domain is hr.ease.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2021. Valid for: a year.

This is the only time hr.ease.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.15.213.48 199.15.213.48	15224 (OMNITURE) (OMNITURE)
19	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 23	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
4	143.204.98.112 143.204.98.112	16509 (AMAZON-02) (AMAZON-02)
2	104.92.72.193 104.92.72.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	34.206.242.46 34.206.242.46	14618 (AMAZON-AES) (AMAZON-AES)
63	15

1 199.15.213.48 (United States)

ASN15224 (OMNITURE, US)

ec.easecentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

hr.ease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

627-plv-209.mktoweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.193.181 (United States) 3 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

627-plv-209.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.206.242.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-242-46.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	vidyard.com 3 redirects play.vidyard.com — Cisco Umbrella Rank: 11244 cdn.vidyard.com — Cisco Umbrella Rank: 17198 assets.vidyard.com — Cisco Umbrella Rank: 23710 raw.vidyard.com — Cisco Umbrella Rank: 24954	4 MB
19	ease.com hr.ease.com	148 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3622	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	18 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5383	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95	439 B
1	mktoresp.com 627-plv-209.mktoresp.com	311 B
1	mktoweb.com 627-plv-209.mktoweb.com	68 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	easecentral.com ec.easecentral.com	861 B
63	13

	Domain	Requested by
19	hr.ease.com	ec.easecentral.com hr.ease.com
12	play.vidyard.com	3 redirects hr.ease.com play.vidyard.com assets.vidyard.com
11	assets.vidyard.com	play.vidyard.com assets.vidyard.com
6	raw.vidyard.com	assets.vidyard.com
4	cdn.vidyard.com	hr.ease.com assets.vidyard.com
2	www.google-analytics.com	hr.ease.com www.google-analytics.com
2	munchkin.marketo.net	hr.ease.com munchkin.marketo.net
2	cdnjs.cloudflare.com	hr.ease.com
1	www.google.de	hr.ease.com
1	www.google.com	hr.ease.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	627-plv-209.mktoresp.com	munchkin.marketo.net
1	627-plv-209.mktoweb.com	hr.ease.com
1	code.jquery.com	hr.ease.com
1	fonts.googleapis.com	hr.ease.com
1	ec.easecentral.com
63	16

This site contains links to these domains. Also see Links.

Domain
hr.easecentral.com
marketingresourcelibrary.ease.com
www.ease.com
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
hr.ease.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
627-plv-209.mktoweb.com Cloudflare Inc ECC CA-3	`2022-02-19` - `2023-02-19`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Frame ID: E40074FE3565FD40DBCC52051D7ACC72
Requests: 41 HTTP requests in this frame

Frame: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Frame ID: D525122A4A2A28A25AF716565982AB9A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ease | Reimagining Benefits Enrollment

Page URL History Show full URLs

http://ec.easecentral.com/NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwy... Page URL
https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

94 %
HTTPS

47 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

4024 kB
Transfer

5984 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hr.easecentral.com/rs/627-PLV-209/images/EaseCentral_Employer_Overview_Brochure.pdf
Title: Learn More

Search URL Search Domain Scan URL

URL: https://marketingresourcelibrary.ease.com/getconnectednow/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.ease.com/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://twitter.com/ease

Search URL Search Domain Scan URL

URL: https://www.facebook.com/easecentral

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ease/

Search URL Search Domain Scan URL

URL: https://www.ease.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ease.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ec.easecentral.com/NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwyHws9jvZpss-aPoahELnuYx0= Page URL
https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

Request Chain 43

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

Request Chain 54

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwyHws9jvZpss-aPoahELnuYx0=
ec.easecentral.com/ 541 B
861 B 917ms
196ms Document
text/html 199.15.213.48
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

http://ec.easecentral.com/NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwyHws9jvZpss-aPoahELnuYx0=

Protocol

HTTP/1.1

Server

199.15.213.48 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 14 Apr 2022 18:55:48 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2 200 Primary Request NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html Show response
hr.ease.com/ 18 KB
5 KB 734ms
445ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib

Requested by

Host: ec.easecentral.com
URL: http://ec.easecentral.com/NjI3LVBMVi0yMDkAAAGDx_9pwghyf8oRza7i_7AuT2CrXXF0s5a2w_48hhuz4ZYUF7E7MIferPwyHws9jvZpss-aPoahELnuYx0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe21fd94ea81857e584cb2874a87ab9e57bb11a211508ec8253f33983faccee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ec.easecentral.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 6fbea86d2e6368fe-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 18:55:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-cache-status: BYPASS
x-content-type-options: nosniff
x-mkto-nginx-cache: false

GET
H2 200 flexboxgrid.css
hr.ease.com/rs/627-PLV-209/images/ 24 KB
4 KB 146ms
145ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.ease.com/rs/627-PLV-209/images/flexboxgrid.css

Requested by

Host: hr.ease.com
URL: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1d30f976833e45986d3337dd9999eb61525161027102727b61543f707e5100

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: "fc0209-614a-5d9fd7c40b8e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea872c8cc68fe-FRA
content-length: 3831
expires: Thu, 14 Apr 2022 18:56:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 17:21:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 18:55:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 18:55:50 GMT

GET
H2 200 select2.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/ 17 KB
2 KB 79ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/select2.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ac55e050e3e6db253b3e8c575de97675e07fade527056269d9fffdc88a988b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 845239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1824
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-44c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fmj4P9VCzIC8p04S7Eij3grZD%2FuhUmEhqcpewvp0BpQ22zGRkXvS8P%2BVrtEMMRgREMfLYwlKS%2BglS815U02xheTLf3OgqNGE5BWt9A2ddeNQWMbufVyBDgltUOVO%2BXcsWl%2FTbDPCyeHvSd%2Bcf0Ncm%2BiB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbea8730c505a3d-MXP
expires: Tue, 04 Apr 2023 18:55:50 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 48ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: hr.ease.com
URL: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://hr.ease.com/
Origin: https://hr.ease.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1649962550.dop001.fr8.t,1649962550.cds242.fr8.hn,1649962550.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 forms2.min.js Show response
627-plv-209.mktoweb.com/js/forms2/js/ 205 KB
68 KB 613ms
486ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://627-plv-209.mktoweb.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "c801a4-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6fbea8738b899a2d-FRA
vary: Accept-Encoding
expires: Thu, 14 Apr 2022 22:55:50 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/ 65 KB
16 KB 73ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15671
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10468"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ume5uxe6xWp4An4bY7IqYKU54riFPXKjcwEX%2FoBYOAJFdZWx%2FQSXpyHEhApyxKbUzFYxU2WrQpMqC7t%2FnRtAhJBNByyG8qDcfLJ5DvvUj9lbSElVf%2FSXfkBD0lQ4nCFt9Eex2JQPk6se2jQLmw3RAIGl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbea8730c5a5a3d-MXP
expires: Tue, 04 Apr 2023 18:55:50 GMT

GET
H2 200 ease.svg
hr.ease.com/rs/627-PLV-209/images/ 1 KB
691 B 128ms
127ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/ease.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e913d83ef9a6daf01c522a8da69ba204b2ab2cd78c25a7440cb30bfd64a955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc020b-543-5d9fd7c46a487"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea874dcd768fe-FRA
expires: Thu, 14 Apr 2022 18:56:50 GMT

GET
H2 200 light-orange-circle.svg
hr.ease.com/rs/627-PLV-209/images/ 635 B
487 B 161ms
160ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/light-orange-circle.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82958b61a4d19d736cdd5e2cb0bc2733acede475d4b9d15529bc6a6bbca388ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc020a-27b-5d9fd7c467d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea875ae5d68fe-FRA
expires: Thu, 14 Apr 2022 18:56:50 GMT

GET
H2 200 lined-circle-blue.svg
hr.ease.com/rs/627-PLV-209/images/ 509 B
359 B 123ms
123ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/lined-circle-blue.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a72f7fa66971ce72c5e9931f8fa1b890f9e7bfc69a00b5b41d2084a16929cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc020f-1fd-5d9fd7c4af604"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea876a81968fe-FRA
expires: Thu, 14 Apr 2022 18:56:50 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 72 KB
23 KB 39ms
9ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ba5ee6b3d763b99b3d6d638932e849b25b6e1696f9ed4c2e3adc93e9d1ea1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 15470
x-cache: HIT
x-cache-hits: 2
content-length: 23353
x-served-by: cache-hhn4039-HHN
x-china: 0
last-modified: Wed, 13 Apr 2022 21:16:23 GMT
etag: "bc942c4ee5380f87d606a4afe095e095"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

OwiHmLpcVR2woBLnqKiUSg.png
cdn.vidyard.com/thumbnails/24806304/
Redirect Chain

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

1 MB
1 MB

177ms
107ms

Image
image/png

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
Requested by: Host: hr.ease.com
URL: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c623dc14810180df3dcd12217e6093baaa2e5c5437f6743fa1b914a849c1a224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:53:19 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 3753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
content-length: 1139677
last-modified: Fri, 11 Feb 2022 21:42:01 GMT
server: AmazonS3
etag: "e77a87d58b426e89d3dcc22587f26c53"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: fM4c3Ui5xBwX7eLDIn2H1lt9UdXqNIU3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: wr9d5fro5zoipLvgTTeDOPe8t80BizBRCCKLQBJUcr1mZ2rsgJoH3A==

Redirect headers

date: Thu, 14 Apr 2022 18:55:51 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 92
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
x-timer: S1649962551.995996,VS0,VE219
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ease-logo-blue.png
hr.ease.com/rs/627-PLV-209/images/ 8 KB
8 KB 127ms
127ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/ease-logo-blue.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7caef4a52ac48a78f1f8ec79ccfab38ce2809104472fd2531a65254d67b4357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 19:29:43 GMT
server: cloudflare
etag: "fc0714-1f2f-5da0a781a0361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea877dadc68fe-FRA
content-length: 7983
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 seperator-blue-arrow.svg
hr.ease.com/rs/627-PLV-209/images/ 815 B
577 B 156ms
154ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/seperator-blue-arrow.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6422f325fbd70a035ac0cf79149cc5d359e85b5bdd01c6f6c9015f511f37943

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:29:28 GMT
server: cloudflare
etag: W/"fc0265-32f-5d9fde49a5f77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eaf168fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 header-seperator.svg
hr.ease.com/rs/627-PLV-209/images/ 661 B
485 B 134ms
132ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/header-seperator.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d997468f70748a517ecae334244a22e93ee12d7baa4fb086a618bb9fa28d4547

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc0212-295-5d9fd7c4ca79e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eaf468fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 Collaboration.svg
hr.ease.com/rs/627-PLV-209/images/ 2 KB
695 B 146ms
144ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/Collaboration.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d0be2934a2516165dd7f454bc392b8fa0c9f94c6bc5100a28052bcc47fcdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Mar 2022 14:48:49 GMT
server: cloudflare
etag: W/"fc0e8b-60f-5da2ec73a67e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eaf668fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 Info%20on%20demand.png
hr.ease.com/rs/627-PLV-209/images/ 4 KB
5 KB 146ms
144ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/Info%20on%20demand.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48f57d7fb148a2e63b4863f9db4b9ebbb9c1827461c1714b853fa95f11ae210

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 24 Mar 2022 01:47:31 GMT
server: cloudflare
etag: "fc0aea-118f-5daed07810ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea877eaf768fe-FRA
content-length: 4495
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 Demo.svg
hr.ease.com/rs/627-PLV-209/images/ 1 KB
715 B 147ms
146ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/Demo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27eae2d1d19c887e0039884b1dac96d699537de0352fdb1177d0a48475582c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sun, 13 Mar 2022 16:20:10 GMT
server: cloudflare
etag: W/"fc0ae9-46b-5da1bf01d379f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eaf968fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 footer-illustration.svg
hr.ease.com/rs/627-PLV-209/images/ 17 KB
3 KB 131ms
129ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/footer-illustration.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfcd726d5f4f576464a0539b4068c6175473c09058efb253945c5524f8c45f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc020e-44b8-5d9fd7c48f262"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eafb68fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 icon-social-twitter.png
hr.ease.com/rs/627-PLV-209/images/ 2 KB
2 KB 121ms
120ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/icon-social-twitter.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ead36cc914fe164595101d6505681a37444ba70f5fadfff8b1b0f481bd4e9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: "fc0213-823-5d9fd7c4d20b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea877eafe68fe-FRA
content-length: 2083
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 icon-social-facebook.png
hr.ease.com/rs/627-PLV-209/images/ 1 KB
1 KB 138ms
137ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/icon-social-facebook.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f1ee3c9640b21310c6b3be666092d68ef4eb71992999149e0ae8a6dd6e2ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: "fc020c-52d-5d9fd7c48988a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea877eaff68fe-FRA
content-length: 1325
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 icon-social-linkedin.png
hr.ease.com/rs/627-PLV-209/images/ 2 KB
2 KB 131ms
130ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/icon-social-linkedin.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

395319eae5611a58ac5012f12bf0a3a32c81849cda298fdfc451094ba0a7ff4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: "fc0214-645-5d9fd7c4d4baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6fbea877eb0168fe-FRA
content-length: 1605
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 bottom-dots.svg
hr.ease.com/rs/627-PLV-209/images/ 26 KB
1 KB 144ms
143ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hr.ease.com/rs/627-PLV-209/images/bottom-dots.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dddc67ad8635318a8b363968f6a80b923e7ca0960acf511ad44f12ae5a0085a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc020d-667d-5d9fd7c48ac12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 6fbea877eb0468fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 39ms
9ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: hr.ease.com
URL: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 18:55:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 stripmkttok.js Show response
hr.ease.com/js/ 2 KB
844 B 140ms
140ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.ease.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "a404a9-602-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6fbea873eb6068fe-FRA
content-length: 678
expires: Thu, 14 Apr 2022 22:55:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2320
date: Thu, 14 Apr 2022 18:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Apr 2022 20:17:11 GMT

GET
H2 200 HarmoniaSansStd-Bold.ttf
hr.ease.com/rs/627-PLV-209/images/ 136 KB
56 KB 137ms
137ms Font
text/plain 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.ease.com/rs/627-PLV-209/images/HarmoniaSansStd-Bold.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19511beaa7f93b8632f2edf3c4306774b8b35bfee7033704aa627ee9f40a4d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Origin: https://hr.ease.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:18 GMT
server: cloudflare
etag: W/"fc0210-221f8-5d9fd7c4c8476"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 6fbea877fb1168fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H2 200 HarmoniaSansStd-SemiBd.ttf
hr.ease.com/rs/627-PLV-209/images/ 139 KB
57 KB 150ms
149ms Font
text/plain 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.ease.com/rs/627-PLV-209/images/HarmoniaSansStd-SemiBd.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295ad3d7f8448a4f9b6d45a4023c8ac98c34d925492a6118b2bc24c47b28642b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Origin: https://hr.ease.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 04:00:19 GMT
server: cloudflare
etag: W/"fc0215-22a18-5d9fd7c4e5938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 6fbea877fb1368fe-FRA
expires: Thu, 14 Apr 2022 18:56:51 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 18:55:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sat, 23 Jul 2022 18:55:51 GMT

POST
H/1.1 200
OK visitWebPage
627-plv-209.mktoresp.com/webevents/ 2 B
311 B 666ms
95ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://627-plv-209.mktoresp.com/webevents/visitWebPage?_mchNc=1649962551050&_mchCn=NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment&_mchId=627-PLV-209&_mchTk=_mch-ease.com-1649962551050-37082&mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib&_mchWs=j1RR&_mchHo=hr.ease.com&_mchPo=&_mchRu=%2FNURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fec.easecentral.com%2F&_mchQp=mkt_tok%3DNjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 18:55:51 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d4d985c9-c03f-4b3a-b480-c9f4174dfc41

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=939147113&t=pageview&_s=1&dl=https%3A%2F%2Fhr.ease.com%2FNURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html%3Fmkt_tok%3DNjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib&dr=http%3A%2F%2Fec.easecentral.com%2F&ul=en-us&de=UTF-8&dt=Ease%20%7C%20Reimagining%20Benefits%20Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1696810412&gjid=629352174&cid=230936898.1649962551&tid=UA-60738241-2&_gid=249814102.1649962551&_r=1&_slc=1&z=680432261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr.ease.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr.ease.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60738241-2&cid=230936898.1649962551&jid=1696810412&gjid=629352174&_gid=249814102.1649962551&_u=IEBAAEAAAAAAAC~&z=2064365174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr.ease.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Apr 2022 18:55:51 GMT
content-type: text/plain
access-control-allow-origin: https://hr.ease.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 56ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60738241-2&cid=230936898.1649962551&jid=1696810412&_u=IEBAAEAAAAAAAC~&z=782416352

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60738241-2&cid=230936898.1649962551&jid=1696810412&_u=IEBAAEAAAAAAAC~&z=782416352

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 18:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hwcnef43A3qbh7ezQ8R2ZM
play.vidyard.com/ 0
2 KB 210ms
178ms Other
text/html 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://hr.ease.com/
Origin: https://hr.ease.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 1465
x-served-by: cache-cdg20762-CDG
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962552.531990,VS0,VE161
x-frame-options: ALLOWALL
etag: W/"dd7-kiJsI9ed+fyaI0njo69vz08QzDU"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hwcnef43A3qbh7ezQ8R2ZM Show response
play.vidyard.com/ Frame D525 3 KB
2 KB 200ms
200ms Document
text/html 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

379035f1fdb16d3c21ad76b59f3fce426c6724f1bae01e61a0cbf490e5671c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1465
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 18:55:51 GMT
etag: W/"dd7-kiJsI9ed+fyaI0njo69vz08QzDU"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-china: 0
x-frame-options: ALLOWALL
x-served-by: cache-hhn4039-HHN
x-timer: S1649962551.497415,VS0,VE193

GET
H2 200 style.js Show response
play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/ 176 B
236 B 256ms
256ms Script
text/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/style.js?callback=window.VidyardV4.jsonp.style_hwcnef43A3qbh7ezQ8R2ZM.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

626004db350fb06139c7cef93009e5b3a15bb229fc0af1113d2f09ee18b8a566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 139
via: 1.1 varnish
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962551.497506,VS0,VE245
x-frame-options: ALLOWALL
etag: W/"b0-q0zw7bHompnFwyxzIDm6mxpNjl0"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 marketoContact.js Show response
play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/contact/id%3A627-PLV-209%26token%3A_mch-ease.com-1649962551050-37082/ 168 B
341 B 223ms
222ms Script
text/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/contact/id%3A627-PLV-209%26token%3A_mch-ease.com-1649962551050-37082/marketoContact.js?callback=window.VidyardV4.jsonp.marketoContact_hwcnef43A3qbh7ezQ8R2ZM.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed40771728e94aec7a2bdc5930f8f64dcd9efb3ea57ddae08e467c246cb0ddf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 168
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962551.498102,VS0,VE213
x-frame-options: ALLOWALL
etag: W/"a8-8LYoHu6a+gv6efHzj5np/aDKB1U"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/ 199 B
351 B 298ms
297ms Script
text/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/integrations.js?callback=window.VidyardV4.jsonp.integrations_hwcnef43A3qbh7ezQ8R2ZM.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81383870a49f81547b32f7282c926b98e8cc939bea64800d4f0404d91ba4b9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 155
via: 1.1 varnish
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962551.498560,VS0,VE289
x-frame-options: ALLOWALL
etag: W/"c7-47j6PVsX4EYlOGxil8yvBbuEKU0"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 details.js Show response
play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/ 152 B
331 B 303ms
303ms Script
text/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/hwcnef43A3qbh7ezQ8R2ZM/details.js?callback=window.VidyardV4.jsonp.details_hwcnef43A3qbh7ezQ8R2ZM.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2782c839edfceab12481c09b0ce604d9fba20e7ec14098fcac2c5e27e8016301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 115
via: 1.1 varnish
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962551.498882,VS0,VE295
x-frame-options: ALLOWALL
etag: W/"98-5pbokdrIylJY6Yzvjb0zBd9DfKo"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 runtime~main-a15d9aacc668a6f759a8f922f7819beb.js Show response
assets.vidyard.com/play/js/ Frame D525 7 KB
2 KB 36ms
17ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 840802ef2452639c1b51411dabf26c22806d30ec8cdb64042b9b9c3a15b0f86b

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: br
vary: Accept-Encoding
age: 763292
x-cache: HIT
content-length: 2265
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 22:53:37 GMT
x-timer: S1649962552.734914,VS0,VE0
etag: "cad2a0c96c460776ae49272113601007"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1862

GET
H2 200 main-6ec54ba12e4ca3426001792db73033fe.js Show response
assets.vidyard.com/play/js/ Frame D525 101 KB
13 KB 34ms
15ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35d206b49ce2481f4ce045d2eed34e70a568733651291a13fbac5f96a187da1b

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:51 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 13437
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.734817,VS0,VE0
etag: "729c2155dec837960afe8dcb722e5ae1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4948

GET
H2 200 hwcnef43A3qbh7ezQ8R2ZM.json Show response
play.vidyard.com/player/ Frame D525 7 KB
3 KB 282ms
282ms Fetch
application/json 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/hwcnef43A3qbh7ezQ8R2ZM.json?disable_popouts=1&v=4.3.1&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e5d6aedc8a4dbee50a28b1c55c9a38cbf80667cf638fdc58090bc6e625e9d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
referrer: https://hr.ease.com/NURT-2022-03-DPB-Series-Engaged_Reimagining-Benefits-Enrollment.html?mkt_tok=NjI3LVBMVi0yMDkAAAGDx_9pwvtXRhhGcLcRd2XHh7C9NbXTooraeornsT9uwGqQFDcfEPf8OCU-g2-6jSSjDIssUhmwPm6lwjrWztP2y9MGc0u6X45rBRfh0GKNQu0KT6gGuMdkkYib
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 3039
x-served-by: cache-hhn4039-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962552.760395,VS0,VE273
x-frame-options: ALLOWALL
etag: W/"1a45-EoFgmjTwQHUDMjlNRb8aFfd+cEc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

OwiHmLpcVR2woBLnqKiUSg.png
cdn.vidyard.com/thumbnails/24806304/
Redirect Chain

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

1 MB
1 MB

11ms
10ms

Image
image/png

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c623dc14810180df3dcd12217e6093baaa2e5c5437f6743fa1b914a849c1a224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hr.ease.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:53:19 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 3753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
content-length: 1139677
last-modified: Fri, 11 Feb 2022 21:42:01 GMT
server: AmazonS3
etag: "e77a87d58b426e89d3dcc22587f26c53"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: fM4c3Ui5xBwX7eLDIn2H1lt9UdXqNIU3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: FMIo8n6oK3BLXfHZ59SBuEuM_fA8_FcZSUUd0Tlgwk0dpWpYoBlzew==

Redirect headers

date: Thu, 14 Apr 2022 18:55:51 GMT
via: 1.1 varnish
age: 1
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 92
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
x-timer: S1649962552.762214,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendors~player~player-pomo~unreleased-6f1535fdd215c357f2fbfd82fb0ad6ac.js Show response
assets.vidyard.com/play/js/ Frame D525 158 KB
41 KB 15ms
14ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-6f1535fdd215c357f2fbfd82fb0ad6ac.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70cdbfd1af5e73361917e325d8cc630b1975465387aa7567eca367f0025d931c

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 41567
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.050042,VS0,VE0
etag: "37995d0c223af8d0ad6292d77643424d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4851

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-3fad0f9db873c09b2111853e79fa4233.js Show response
assets.vidyard.com/play/js/ Frame D525 102 KB
29 KB 23ms
22ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-3fad0f9db873c09b2111853e79fa4233.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a69bb7c2e623d7f187710d9cd62c1a925856b024d756e1bd37b562222d5eb55

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 29220
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.050162,VS0,VE0
etag: "93ce47a87a0bb2dfa11f0022ad804953"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4426

GET
H2 200 vendors~player-pomo-ea18181ff6b80f3a66df6d1eec19b9b4.js Show response
assets.vidyard.com/play/js/ Frame D525 613 KB
104 KB 34ms
34ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-ea18181ff6b80f3a66df6d1eec19b9b4.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2e3f1167176ce106373c5fcd57394a7d8d07b1e1cbad018e34472465332a40bb

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 106550
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.050600,VS0,VE0
etag: "e71f7ffad0839272a3cacd38cb5758cd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4475

GET
H2 200 player-pomo-672bf7b9224d523d3eabd08c61310f58.css
assets.vidyard.com/play/stylesheets/ Frame D525 39 KB
8 KB 45ms
45ms Stylesheet
text/css 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-672bf7b9224d523d3eabd08c61310f58.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76d7ee69eba10643d7744a2f1b9cd413a2088106f9d8264e151e908a18ce2e75

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 763291
x-cache: HIT
content-length: 7617
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 22:53:37 GMT
x-timer: S1649962552.051338,VS0,VE0
etag: "c37de0a636cf2e6a8fe975e1b2d43947"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1627

GET
H2 200 player-pomo-672bf7b9224d523d3eabd08c61310f58.js Show response
assets.vidyard.com/play/js/ Frame D525 263 KB
52 KB 45ms
45ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-672bf7b9224d523d3eabd08c61310f58.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 500cd8436b2c7279a5259fd2d6ceeb7d780aed70740df081c4c8fbd30d49f8fa

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 763291
x-cache: HIT
content-length: 53114
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 22:53:37 GMT
x-timer: S1649962552.051748,VS0,VE0
etag: "bdcefeba6e53886feaecc2e17915fe49"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1689

GET
H2 200 hwcnef43A3qbh7ezQ8R2ZM Show response
play.vidyard.com/video/ Frame D525 199 B
282 B 231ms
230ms XHR
application/json 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/video/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fbf8314e37a22814df7829055da54a24d438306465b01217669655b4b5171da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 177
x-served-by: cache-hhn4039-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1649962552.146677,VS0,VE224
x-frame-options: ALLOWALL
etag: W/"c7-p1WnYPl0veK3H7SDw8MG+8OxE5U"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 7-5ccd8c5eb72e94ae5a750415e73911a2.js Show response
assets.vidyard.com/play/js/ Frame D525 438 KB
98 KB 15ms
14ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/7-5ccd8c5eb72e94ae5a750415e73911a2.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 037a533fab340ba78988d854faac530cc1e009431f439740359d2700565c4bd3

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 99855
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.156827,VS0,VE0
etag: "a48b48e64cd88c1d8ce1703bbab5b9bb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4304

GET
H2 200 6-0f0f9321c3bfca8419dddae8560dcc44.css
assets.vidyard.com/play/stylesheets/ Frame D525 181 B
244 B 16ms
15ms Stylesheet
text/css 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/6-0f0f9321c3bfca8419dddae8560dcc44.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 763291
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 22:53:37 GMT
x-timer: S1649962552.157091,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1576

GET
H2 200 6-0f0f9321c3bfca8419dddae8560dcc44.js Show response
assets.vidyard.com/play/js/ Frame D525 12 KB
4 KB 16ms
15ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-0f0f9321c3bfca8419dddae8560dcc44.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e207bd79539bfc575a93ef7aad4ff3df58aed943ceedec95a86f0c3d90ca7177

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 763291
x-cache: HIT
content-length: 3518
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 22:53:37 GMT
x-timer: S1649962552.157241,VS0,VE0
etag: "9175b5ccf5b186e7c90d4af067a8a3d6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1598

GET
H2 200 36-43af6cece3ef4fbf6ac6983eadb81f1f.js Show response
assets.vidyard.com/play/js/ Frame D525 4 KB
1 KB 16ms
15ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/36-43af6cece3ef4fbf6ac6983eadb81f1f.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-a15d9aacc668a6f759a8f922f7819beb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbe624ed8611da8ba26229cad1b1733435716862d95b86e6eec426abf047b67a

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:55:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 774157
x-cache: HIT
content-length: 1234
via: 1.1 varnish
x-served-by: cache-cdg20762-CDG
last-modified: Tue, 05 Apr 2022 19:52:19 GMT
x-timer: S1649962552.157416,VS0,VE0
etag: "eed8bbe3b4be4b2850c8a09f2c5154fa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 989

GET
H2

200

OwiHmLpcVR2woBLnqKiUSg.png
cdn.vidyard.com/thumbnails/24806304/ Frame D525
Redirect Chain

https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM.jpg
https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png

1 MB
1 MB

13ms
13ms

Image
image/png

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c623dc14810180df3dcd12217e6093baaa2e5c5437f6743fa1b914a849c1a224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:53:19 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 3754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
content-length: 1139677
last-modified: Fri, 11 Feb 2022 21:42:01 GMT
server: AmazonS3
etag: "e77a87d58b426e89d3dcc22587f26c53"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: fM4c3Ui5xBwX7eLDIn2H1lt9UdXqNIU3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: Y0gewWhUCkTDfgEONzdP40RaVDP_TSVJSuSTw2jqlb-WKkOFp4N_xg==

Redirect headers

date: Thu, 14 Apr 2022 18:55:52 GMT
via: 1.1 varnish
age: 1
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 92
x-served-by: cache-hhn4039-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/24806304/OwiHmLpcVR2woBLnqKiUSg.png
x-timer: S1649962552.173804,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 403ms
106ms Preflight
text/html 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 14 Apr 2022 18:55:52 GMT

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame D525 50 B
195 B 102ms
101ms XHR
application/json 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash: c7a7a83df673da90d1b2fbfa2129c3cacbc52f347089cb90c730156f62abe52d

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 14 Apr 2022 18:55:52 GMT
x-vidyard-hostname: 8e89e5921a31
content-length: 50
content-type: application/json; charset=utf-8

GET
H2 200 stream_master_VulSjUj-Xddleym5AVHMJQ.m3u8 Show response
cdn.vidyard.com/hls-videos/Kj5BeCAusAit19fDxH5s7A/ Frame D525 667 B
1 KB 125ms
105ms XHR
application/vnd.apple.mpegurl 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/Kj5BeCAusAit19fDxH5s7A/stream_master_VulSjUj-Xddleym5AVHMJQ.m3u8?nEfYe-T3ab20yZ07mEXKxpI90ilk0RkfkDOBrGOcTwGd8Bn_Y-cT4Z09B_IjCeLVv6yiOfgnz-24BYdHfRbY_0e7lyNDMijIi3U19pxWzkS59RzEm2k5kqzovJIL55kT9XytkTcTPVGiuRorUtIJjsQJOgxAezMnyyzkr0xvXHR7EpiJcLvRc_f26EZoo4G3peAv
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/7-5ccd8c5eb72e94ae5a750415e73911a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eece83b74315530be7a04e4f368a9f464b4a7957a67e57cbb268709d617f17b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:53:21 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 3752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 667
last-modified: Fri, 11 Feb 2022 21:02:19 GMT
server: AmazonS3
etag: "4a45c778421b60b92f20c273d4aac1ff"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: 9Wy6SjOOTCE_VfI3n0vP5ZqPT4QhmMUA
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: JjHQqg0xNgp8m4qw3JqCvXOUuUZ8RffBq1zZOxTYHprk1X70yvwcCg==

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 99ms
99ms Preflight
text/html 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 14 Apr 2022 18:55:52 GMT

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame D525 68 B
213 B 105ms
104ms XHR
application/json 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash: 0b9e93b4e6706bc6e355249169bcbb0d49d445f3ebc9e0c439b28e9f34004eb4

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 14 Apr 2022 18:55:52 GMT
x-vidyard-hostname: c5d2d761c03c
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 external_leads
raw.vidyard.com/v2/ Frame 0
0 101ms
101ms Preflight
text/html 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/external_leads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 14 Apr 2022 18:55:52 GMT

POST
H2 200 external_leads Show response
raw.vidyard.com/v2/ Frame D525 282 B
428 B 101ms
101ms XHR
application/json 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/external_leads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-6ec54ba12e4ca3426001792db73033fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash: aabb1e0aa2b5a7cda57df7a9eed6e7ea98ebc43414fa3947581ee594d1db1fa6

Request headers

Referer: https://play.vidyard.com/hwcnef43A3qbh7ezQ8R2ZM?disable_popouts=1&v=4.3.1&type=inline
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 14 Apr 2022 18:55:53 GMT
x-vidyard-hostname: faf9a47a0896
content-length: 282
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ec.easecentral.com/	1969-12-31 23:59:59	Name: BIGipServerab_mailtracking_80 Value: !i/ZHO2STIhSGPyraQbCLRqc3TBcuigC4GIkrMdtRRceiZQpQz85XsNedIBU34csxQKC6kVUF7oI+XKU=
hr.ease.com/	1969-12-31 23:59:59	Name: BIGipServerab20web-nginx-app_https Value: !OMFd9gQFGTWXcTvaQbCLRqc3TBcuii7taQZUBJespnn0FvkmcfAoAVxPeueP7Mrrjd3BVR3LpWGSZpQ=
.hr.ease.com/	1970-01-20 02:19:24	Name: __cf_bm Value: uWLviBC_Ao0nsWIg.K2cDEzhdK26SlyHxt7bb5XxWsw-1649962549-0-AdxKs+qSD1yG0/w1uXIqFWRr2JaySo7/TSqPeKDXGVSYLOOWpGR6z3whd/kkNQGkT1/4NuaiHAoQ+NiyL/Gg/i8=
.627-plv-209.mktoweb.com/	1970-01-20 02:19:24	Name: __cf_bm Value: hARNpm4NLDFV2_40Nk_mc5ANGsrZ86Keh4iX_7u.jKI-1649962550-0-Adz7wsDqJYHEbZM88LRickfzns2GQTccFQ2nWizMQUFFpTKg9B8r9K9aWm3CYmgewJd1HJjlmSC8w3lwQf4w2QA=
.ease.com/	1970-01-20 19:50:34	Name: _mkto_trk Value: id:627-PLV-209&token:_mch-ease.com-1649962551050-37082
.ease.com/	1970-01-20 19:50:34	Name: _ga Value: GA1.2.230936898.1649962551
.ease.com/	1970-01-20 02:20:48	Name: _gid Value: GA1.2.249814102.1649962551
.ease.com/	1970-01-20 02:19:22	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

627-plv-209.mktoresp.com
627-plv-209.mktoweb.com
assets.vidyard.com
cdn.vidyard.com
cdnjs.cloudflare.com
code.jquery.com
ec.easecentral.com
fonts.googleapis.com
hr.ease.com
munchkin.marketo.net
play.vidyard.com
raw.vidyard.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
104.16.93.80
104.17.73.206
104.92.72.193
143.204.98.112
151.101.193.181
192.28.144.124
199.15.213.48
2001:4de0:ac18::1:a:3b
2606:4700::6811:180e
2a00:1450:4001:801::200a
2a00:1450:4001:810::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
34.206.242.46
037a533fab340ba78988d854faac530cc1e009431f439740359d2700565c4bd3
0b9e93b4e6706bc6e355249169bcbb0d49d445f3ebc9e0c439b28e9f34004eb4
0ead36cc914fe164595101d6505681a37444ba70f5fadfff8b1b0f481bd4e9c0
18f1ee3c9640b21310c6b3be666092d68ef4eb71992999149e0ae8a6dd6e2ca7
19511beaa7f93b8632f2edf3c4306774b8b35bfee7033704aa627ee9f40a4d33
1a69bb7c2e623d7f187710d9cd62c1a925856b024d756e1bd37b562222d5eb55
23a72f7fa66971ce72c5e9931f8fa1b890f9e7bfc69a00b5b41d2084a16929cd
2782c839edfceab12481c09b0ce604d9fba20e7ec14098fcac2c5e27e8016301
27eae2d1d19c887e0039884b1dac96d699537de0352fdb1177d0a48475582c19
295ad3d7f8448a4f9b6d45a4023c8ac98c34d925492a6118b2bc24c47b28642b
2e3f1167176ce106373c5fcd57394a7d8d07b1e1cbad018e34472465332a40bb
35d206b49ce2481f4ce045d2eed34e70a568733651291a13fbac5f96a187da1b
379035f1fdb16d3c21ad76b59f3fce426c6724f1bae01e61a0cbf490e5671c24
395319eae5611a58ac5012f12bf0a3a32c81849cda298fdfc451094ba0a7ff4b
3fe21fd94ea81857e584cb2874a87ab9e57bb11a211508ec8253f33983faccee
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4dddc67ad8635318a8b363968f6a80b923e7ca0960acf511ad44f12ae5a0085a
4e913d83ef9a6daf01c522a8da69ba204b2ab2cd78c25a7440cb30bfd64a955d
500cd8436b2c7279a5259fd2d6ceeb7d780aed70740df081c4c8fbd30d49f8fa
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
626004db350fb06139c7cef93009e5b3a15bb229fc0af1113d2f09ee18b8a566
70cdbfd1af5e73361917e325d8cc630b1975465387aa7567eca367f0025d931c
76d7ee69eba10643d7744a2f1b9cd413a2088106f9d8264e151e908a18ce2e75
81383870a49f81547b32f7282c926b98e8cc939bea64800d4f0404d91ba4b9d4
82958b61a4d19d736cdd5e2cb0bc2733acede475d4b9d15529bc6a6bbca388ba
840802ef2452639c1b51411dabf26c22806d30ec8cdb64042b9b9c3a15b0f86b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9ba5ee6b3d763b99b3d6d638932e849b25b6e1696f9ed4c2e3adc93e9d1ea1a1
9e5d6aedc8a4dbee50a28b1c55c9a38cbf80667cf638fdc58090bc6e625e9d5c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aabb1e0aa2b5a7cda57df7a9eed6e7ea98ebc43414fa3947581ee594d1db1fa6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
c0d0be2934a2516165dd7f454bc392b8fa0c9f94c6bc5100a28052bcc47fcdae
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c623dc14810180df3dcd12217e6093baaa2e5c5437f6743fa1b914a849c1a224
c6ac55e050e3e6db253b3e8c575de97675e07fade527056269d9fffdc88a988b
c7a7a83df673da90d1b2fbfa2129c3cacbc52f347089cb90c730156f62abe52d
cb1d30f976833e45986d3337dd9999eb61525161027102727b61543f707e5100
cbe624ed8611da8ba26229cad1b1733435716862d95b86e6eec426abf047b67a
d6422f325fbd70a035ac0cf79149cc5d359e85b5bdd01c6f6c9015f511f37943
d997468f70748a517ecae334244a22e93ee12d7baa4fb086a618bb9fa28d4547
e207bd79539bfc575a93ef7aad4ff3df58aed943ceedec95a86f0c3d90ca7177
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f57d7fb148a2e63b4863f9db4b9ebbb9c1827461c1714b853fa95f11ae210
ebfcd726d5f4f576464a0539b4068c6175473c09058efb253945c5524f8c45f9
ed40771728e94aec7a2bdc5930f8f64dcd9efb3ea57ddae08e467c246cb0ddf9
eece83b74315530be7a04e4f368a9f464b4a7957a67e57cbb268709d617f17b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f7caef4a52ac48a78f1f8ec79ccfab38ce2809104472fd2531a65254d67b4357
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04
fbf8314e37a22814df7829055da54a24d438306465b01217669655b4b5171da1

hr.ease.com Open in urlscan Pro 104.17.73.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

47 %IPv6

13 Domains

16 Subdomains

15 IPs

5 Countries

4024 kBTransfer

5984 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hr.ease.com Open in urlscan Pro
104.17.73.206 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

47 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

4024 kB
Transfer

5984 kB
Size

8
Cookies

63 HTTP transactions
0 data transactions