Submitted URL: https://etm.payworks.ca/
Effective URL: https://etm.payworks.ca/loginscreen.asp
Submission: On January 26 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 64.141.36.156, located in Saskatoon, Canada and belongs to SHAW, CA. The main domain is etm.payworks.ca.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on January 28th 2019. Valid for: 2 years.
This is the only time etm.payworks.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 64.141.36.156 6327 (SHAW)
2 151.101.112.217 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain | Subdomains | Transfer
17 payworks.ca | etm.payworks.ca | 1 MB
3 google-analytics.com | www.google-analytics.com | 19 KB
2 vimeo.com | player.vimeo.com |
21 3
Domain | Requested by
17 etm.payworks.ca (1 redirects) | etm.payworks.ca
3 www.google-analytics.com | etm.payworks.ca, www.google-analytics.com
2 player.vimeo.com | etm.payworks.ca
21 3

This site contains no links.

Subject | Issuer | Validity | Valid
payroll.payworks.ca | GeoTrust EV RSA CA 2018 | 2019-01-28 - 2021-02-06 | 2 years
vimeo.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-07 - 2021-04-24 | 9 months
*.google-analytics.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 3 frames:

Primary Page: https://etm.payworks.ca/loginscreen.asp
Frame ID: 9DA7A3906F73C893A933C3FF94E1B70F
Requests: 24 HTTP requests in this frame

Frame: https://player.vimeo.com/video/135594688
Frame ID: 55C0E4B12A8B7E9458BE570B2BAC29DB
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/137525700
Frame ID: A849EAD8BEEE1D3AF45A6A91FA9DCEB4
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://etm.payworks.ca/ HTTP 302
    https://etm.payworks.ca/loginscreen.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21 Requests
100 % HTTPS
33 % IPv6
3 Domains
3 Subdomains
4 IPs
2 Countries
1420 kB Transfer
5575 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://etm.payworks.ca/ HTTP 302
    https://etm.payworks.ca/loginscreen.asp Page URL

21 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request Cookie set loginscreen.asp
etm.payworks.ca/
Redirect Chain
  • https://etm.payworks.ca/
  • https://etm.payworks.ca/loginscreen.asp
25 KB
9 KB
Document
General
Full URL
https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
afbc15fb692535062642c8a4abdf4ad1e10934826eb7e3899380ccbdcb31535e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Host
etm.payworks.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASPSESSIONIDSEDCSASA=OMHECLPDINCOKDFIDEIMNKNN

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private,private
Pragma
no-cache
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Expires
0,Mon, 25 Jan 2021 19:27:50 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
Set-Cookie
ASP.NET_SessionId=yc3d5xinh15pq4tfvs0lggep; HttpOnly; Secure; Path=/
LoginLanguageID=0; path=/
ASPSESSIONIDQUACBRSD=DDBGCLPDBIIGANBKGLMBNNPJ; HttpOnly; secure; path=/
X-Powered-By
ASP.NET
strict-transport-security
max-age=631138519
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jan 2021 19:27:51 GMT
Content-Length
8423

Redirect headers

Cache-Control
private
Content-Length
137
Content-Type
text/html
Location
/loginscreen.asp
Server
Microsoft-IIS/7.5
Set-Cookie
ASPSESSIONIDSEDCSASA=OMHECLPDINCOKDFIDEIMNKNN; HttpOnly; secure; path=/
X-Powered-By
ASP.NET
strict-transport-security
max-age=631138519
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jan 2021 19:27:51 GMT
payworks.b98fe5f706df6c7888506d0c46ca50cc.css
etm.payworks.ca/styles/
2 MB
372 KB
Stylesheet
General
Full URL
https://etm.payworks.ca/styles/payworks.b98fe5f706df6c7888506d0c46ca50cc.css
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
522701ba38616af80f5f801ab439ea3eecfa4376719a79a3fedba09eb7bc444c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:10 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"09564d88edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
380698
modernizr.js
etm.payworks.ca/scripts/
11 KB
5 KB
Script
General
Full URL
https://etm.payworks.ca/scripts/modernizr.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
690604c9a81edbb4b069efb31fb8e55ad7e853fd5b7500821da3200a12a79768
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"80fecbd78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
4631
dw_event.js
etm.payworks.ca/ToolTips/js/
1 KB
944 B
Script
General
Full URL
https://etm.payworks.ca/ToolTips/js/dw_event.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3d9fb2ba235ff7d1797d1dca412790129185e8c0b2d8a05adb227a457b0f61ef
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"802bfdd88edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
561
dw_viewport.js
etm.payworks.ca/ToolTips/js/
2 KB
856 B
Script
General
Full URL
https://etm.payworks.ca/ToolTips/js/dw_viewport.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b336c94592acfa6200688463138dbf4ba35636caaca73634e9490d99f3845048
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"802bfdd88edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
473
dw_tooltip.js
etm.payworks.ca/ToolTips/js/
21 KB
6 KB
Script
General
Full URL
https://etm.payworks.ca/ToolTips/js/dw_tooltip.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
89c72f2b91661ac3076f2fbe40bf9c5d45cae7b15d9ea3ae1a44ccab8e1dbd23
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"802bfdd88edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
5719
dw_tooltip_aux.js
etm.payworks.ca/ToolTips/js/
7 KB
2 KB
Script
General
Full URL
https://etm.payworks.ca/ToolTips/js/dw_tooltip_aux.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
430fe2308d42f69548941c8c9efe6c03693a01fcf4b66b04ec0c63b87b475ec6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"802bfdd88edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
2113
percent_bar.js
etm.payworks.ca/includes/
4 KB
2 KB
Script
General
Full URL
https://etm.payworks.ca/includes/percent_bar.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3120ac14366340edf8ea74f9d9798ff5e50fc01f3ec575b27f4e704e3509aa2b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"03b2d68edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
1699
xp_progress.js
etm.payworks.ca/includes/
3 KB
1 KB
Script
General
Full URL
https://etm.payworks.ca/includes/xp_progress.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8e9869e2e2b1cc159bb65d9e3d85115cfe2a0af24e7d91220a14ae7894059c6b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"03b2d68edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
1087
jquery-1.7.1.min.js
etm.payworks.ca/scripts/
92 KB
33 KB
Script
General
Full URL
https://etm.payworks.ca/scripts/jquery-1.7.1.min.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"80fecbd78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
33239
Payworks_logo.png
etm.payworks.ca/images/
9 KB
10 KB
Image
General
Full URL
https://etm.payworks.ca/images/Payworks_logo.png
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b9fa84c9bd36c00f4bba26c1c1bceb25e002023e9aeda6a4d1627ff64634e9e2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Last-Modified
Sun, 17 Jan 2021 19:42:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"3ce063d68edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Date
Tue, 26 Jan 2021 19:27:52 GMT
Accept-Ranges
bytes
Content-Length
9500
vendor.d98ca5a388de190248b3e63356740cde.js
etm.payworks.ca/scripts/
2 MB
602 KB
Script
General
Full URL
https://etm.payworks.ca/scripts/vendor.d98ca5a388de190248b3e63356740cde.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e506002ac69e5e6eb4d127a5a323e927d2b29893d623eae403475d6f28193f8a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"80fecbd78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:51 GMT
Accept-Ranges
bytes
Content-Length
616534
ess.app.de8431754961c77e228d9fa7f5d67888.js
etm.payworks.ca/scripts/
662 KB
178 KB
Script
General
Full URL
https://etm.payworks.ca/scripts/ess.app.de8431754961c77e228d9fa7f5d67888.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7de6e9cbd0bf472a557616ee0e1a41a3144a1687d9fe04bd84c5054044449e89
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 17 Jan 2021 19:42:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"80fecbd78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Tue, 26 Jan 2021 19:27:52 GMT
Accept-Ranges
bytes
Content-Length
182191
Roboto-Regular.woff
etm.payworks.ca/resources/fonts/
88 KB
88 KB
Font
General
Full URL
https://etm.payworks.ca/resources/fonts/Roboto-Regular.woff
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/styles/payworks.b98fe5f706df6c7888506d0c46ca50cc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b285944ceda9c56bc32b99081003c1242a966b03963231944c8162f99861d001
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://etm.payworks.ca
Referer
https://etm.payworks.ca/styles/payworks.b98fe5f706df6c7888506d0c46ca50cc.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Last-Modified
Sun, 17 Jan 2021 19:42:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"961138d78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Date
Tue, 26 Jan 2021 19:27:52 GMT
Accept-Ranges
bytes
Content-Length
89828
135594688
player.vimeo.com/video/ Frame 55C0
0
0
Document
General
Full URL
https://player.vimeo.com/video/135594688?
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://etm.payworks.ca/loginscreen.asp
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
4667
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-a-8
X-Vimeo-DC
ge
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Tue, 26 Jan 2021 19:27:52 GMT
Age
0
X-Served-By
cache-hhn4068-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1611689272.023119,VS0,VE257
Vary
Accept-Encoding
X-Player-Backend
p
137525700
player.vimeo.com/video/ Frame A849
0
0
Document
General
Full URL
https://player.vimeo.com/video/137525700?
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/loginscreen.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://etm.payworks.ca/loginscreen.asp
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
10072
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Tue, 26 Jan 2021 19:30:37 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-3
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Tue, 26 Jan 2021 19:27:52 GMT
Age
0
X-Served-By
cache-hhn4070-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1611689272.098742,VS0,VE106
Vary
Accept-Encoding
X-Player-Backend
p
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f492c78b8f4da95dce2068af097cbd2caf19f38e48a70ce92dbae162b7828d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2647052700cd1a09b82fea47e227903177431f95a6aeac72f4e7580d845467da

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e24fc74f151fb9086b3ca0df7967c74db6435eebd288107bf84445668dde43a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2b2362258413d4477651ebdae591faef7f70ded71bb67851952e44acd44a3ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
835 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4922ab85cca0690665f1ca5cff76aa7860ec0001fafde5c03997f43b0e8c078

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
Roboto-Bold.woff
etm.payworks.ca/resources/fonts/
88 KB
89 KB
Font
General
Full URL
https://etm.payworks.ca/resources/fonts/Roboto-Bold.woff
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/styles/payworks.b98fe5f706df6c7888506d0c46ca50cc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
efc87488978374cb2eaf2566aaab1774c4be67ee939f6db8698b955972bf355a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://etm.payworks.ca
Referer
https://etm.payworks.ca/styles/payworks.b98fe5f706df6c7888506d0c46ca50cc.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
Last-Modified
Sun, 17 Jan 2021 19:42:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"961138d78edd61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Date
Tue, 26 Jan 2021 19:27:52 GMT
Accept-Ranges
bytes
Content-Length
90308
TokenGenerator
etm.payworks.ca/pwnextv2api/api/SwaggerToken/
242 B
907 B
XHR
General
Full URL
https://etm.payworks.ca/pwnextv2api/api/SwaggerToken/TokenGenerator
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/scripts/vendor.d98ca5a388de190248b3e63356740cde.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.141.36.156 Saskatoon, Canada, ASN6327 (SHAW, CA),
Reverse DNS
cfib.payworks.ca
Software
Microsoft-IIS/10.0 /
Resource Hash
dc1df85a1220bcbeec343ada65b19732bc957b049483b306de9f0458012ce84f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://etm.payworks.ca/loginscreen.asp
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 19:27:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: etm.payworks.ca
URL: https://etm.payworks.ca/scripts/ess.app.de8431754961c77e228d9fa7f5d67888.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3396
date
Tue, 26 Jan 2021 18:31:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 26 Jan 2021 20:31:16 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1011 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 26 Jan 2021 19:53:17 GMT
collect
www.google-analytics.com/j/
2 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=807707393&t=pageview&_s=1&dl=https%3A%2F%2Fetm.payworks.ca%2Floginscreen.asp&dp=%2Floginscreen.asp&ul=en-us&de=UTF-8&dt=Payworks%20Application%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=5206609&gjid=558700322&cid=649866913.1611689273&tid=UA-122845375-1&_gid=374613078.1611689273&_r=1&_slc=1&cd1=N%2FA&cd2=N%2FA&cd3=N%2FA&z=512441002
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://etm.payworks.ca/loginscreen.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Jan 2021 19:27:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://etm.payworks.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr object| dw_Event function| addLoadEvent object| dw_Viewport object| dw_Tooltip function| dw_mouseleave function| dw_contained function| dw_getPageOffsets function| dw_getValueFromQueryString function| dw_initShowTip function| dw_TooltipRequest function| dw_getImage function| dw_backCompatWidth function| dw_getCurrentStyle string| loadedcolor string| unloadedcolor number| barheight number| barwidth string| bordercolor function| action boolean| w3c boolean| ns4 boolean| ie4 boolean| ie5 boolean| ns6 number| blocksize number| loaded number| perouter number| perdone object| images string| txt function| startBar function| incrCount function| decrCount function| setCount function| findlayer function| progressBarInit function| hidebar function| clipid boolean| ie number| N function| createBar function| togglePause function| MM_reloadPage function| $ function| jQuery function| addCustomerIdToUrl function| validatePayrollNumber function| custCheck function| validate_form function| setAlertMessage object| tokenTimer function| sendLoginPost function| submitComment object| PayworksSessionData function| ClusterIcon function| Cluster function| MarkerClusterer object| Foundation function| moment function| Hammer function| Fuse object| ko function| Cookies function| AutoNumeric function| Pikaday object| toastr function| FroalaEditor function| DOMPurify function| ES6Promise function| objectHash function| axios function| Cropper function| Sifter object| MicroPlugin object| Selectize object| WebuiPopovers function| Vue object| Vuex object| Uppy function| initFoundation function| Exporter function| SwipeHandler function| videoBreakpointChange function| calendarOptionsStore function| 
employeeSharedCalendarPermissionsStore function| popUpsOK function| ClearForm function| IsNumeric function| IsOnlyNumeric function| LTrim function| RTrim function| Trim function| Left function| Right function| GetRadioValue function| SetRadioValue function| selectUnselectMatchingOptions2 function| SetSelectValue function| SetSelectDisplayValue function| GetSelectValue function| GetSelectDisplayValue function| GetSelectDataValue function| ConvertToCurrency_OLD function| ConvertToCurrency function| FormatNumber function| Len function| Mid function| InStr function| UCase function| LCase function| MM_openBrWindow function| MM_openBrWindow1 function| validDate function| isLeapYear function| parseValidate function| checkdate function| checkAll function| uncheckAll function| hideLogout function| showLogout function| validDateCheck function| CheckFieldLength function| filterFieldValue function| FilterInput function| RecordHistory function| CompareHistory function| CheckKeyPress function| LZ function| isJSValidDate function| isDate function| compareDates function| formatDate function| _isInteger function| _getInt function| getDateFromFormat function| parseDate function| AddItem function| NewWindow function| checkTime function| myFormatTime function| FormatNumberJS function| PopulateUserDefined function| ClearUserDefined function| GetXmlHttpObject_JSLib function| isValidDate function| htmlDecode function| ajaxFunction_GetString_JSAlert function| toggleLayer function| UpdateBusinessNumbers function| validateRateAmt function| updateRemainingCharacterCount function| AdvancedEmployeeSearch function| setActiveMenu function| getActiveItemByMenuId function| updateTableNumSelected function| getDraggableOptions function| dataTableDragStart function| FreezeScreen function| UnFreezeScreen function| PrivacyControl function| GetDefaultPwSettings function| PayworksSettings function| addTableFeatures function| showAllRows function| hideExtraRows function| isTableExpanded function| 
payworksTabs function| PayworksInstructionalOverlay function| EssMenuBuilder object| modules object| apiTokenManager object| retrievingCsrfToken function| getEncodedCsrfToken function| Observable object| pwEtm function| PayworksGoogleAnalytics object| GoogleAnalytics object| Types object| daysOfMonth object| InputFilter object| MONTH_NAMES object| DAY_NAMES object| win string| BACKEND_DATE_FORMAT function| essEmailModal function| decodeHtmlEntites function| StorageWrapper object| CacheManager object| UserSessionCacheManager function| walkme_get_language object| walkmeVars object| _walkmeConfig object| PayworksIntercepts object| lib object| pw function| _loadDimensions function| _logPageView function| _addEventTrackingToActions function| _addEventTrackingToDynamicContent function| _getAllActionTracking function| _oldPageActionTracking function| _newPageActionTracking function| _logClick function| _getLoggingIDForElement function| _getLoggingIDForChosenElement function| _parseVal function| _logEvent function| _getPagePath function| _getQueryParams function| _getPageSection function| _getPageName function| _logCustomEvent string| GoogleAnalyticsObject function| ga object| MapModal function| get function| trySet function| remove function| validate function| diff string| CUSTOMER_NUMBER_KEY string| USER_NAME_KEY string| PAYROLL_NUMBER_COOKIE string| USER_NAME_COOKIE string| REMEMBER_ME_COOKIE function| migrateCookiesToLocalStorage function| loadRememberMe function| setRememberMe function| getQueryString function| loadCustomerNumberFromQueryString object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1507875762.702155992
.payworks.ca/ Name: _gid
Value: GA1.2.374613078.1611689273
.payworks.ca/ Name: _gat
Value: 1
.payworks.ca/ Name: _ga
Value: GA1.2.649866913.1611689273

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=631138519
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
