urlscan.io logo urlscan.io
SecurityTrails logo

payroll-prev-qa.sprout.ph Open in urlscan Pro
2606:4700::6812:1935  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payroll-prev-qa.sprout.ph/
Effective URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Submission: On March 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 32 HTTP transactions. The main IP is 2606:4700::6812:1935, located in United States and belongs to CLOUDFLARENET, US. The main domain is payroll-prev-qa.sprout.ph.
TLS certificate: Issued by GTS CA 1P5 on March 7th 2024. Valid for: 3 months.
This is the only time payroll-prev-qa.sprout.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1901:0:b... 15169 (GOOGLE)
2 2 52.20.128.238 14618 (AMAZON-AES)
1 23.22.199.173 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 199.232.36.193 54113 (FASTLY)
2 20.150.86.68 8075 (MICROSOFT...)
1 2600:1901:0:b... 15169 (GOOGLE)
1 130.211.34.183 396982 (GOOGLE-CL...)
32 11
19    2606:4700::6812:1935 (United States)

ASN13335 (CLOUDFLARENET, US)
payroll-prev-qa.sprout.ph
1    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    52.20.128.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-128-238.compute-1.amazonaws.com
sprout.groovehq.com
groovehq.com
1    23.22.199.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-199-173.compute-1.amazonaws.com
www.groovehq.com
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    199.232.36.193 (New York, United States)

ASN54113 (FASTLY, US)
i.imgur.com
2    20.150.86.68 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sproutpayrollteststorage.blob.core.windows.net
1    2600:1901:0:bbc3:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
jsonip.com
1    130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
19 sprout.ph
payroll-prev-qa.sprout.ph
558 KB
3 groovehq.com
sprout.groovehq.com
groovehq.com — Cisco Umbrella Rank: 74141
www.groovehq.com — Cisco Umbrella Rank: 995570
445 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
2 windows.net
sproutpayrollteststorage.blob.core.windows.net
151 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7986
10 KB
1 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 1996
389 B
1 jsonip.com
jsonip.com — Cisco Umbrella Rank: 24780
191 B
1 gstatic.com
www.gstatic.com
196 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
85 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3334
19 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
32 11
Domain Requested by
19 payroll-prev-qa.sprout.ph 1 redirects payroll-prev-qa.sprout.ph
3 www.google-analytics.com payroll-prev-qa.sprout.ph
www.google-analytics.com
www.googletagmanager.com
2 sproutpayrollteststorage.blob.core.windows.net payroll-prev-qa.sprout.ph
2 i.imgur.com payroll-prev-qa.sprout.ph
1 api-js.mixpanel.com cdn.mxpnl.com
1 jsonip.com payroll-prev-qa.sprout.ph
1 www.gstatic.com www.google.com
1 www.googletagmanager.com www.google-analytics.com
1 www.groovehq.com payroll-prev-qa.sprout.ph
1 groovehq.com 1 redirects
1 sprout.groovehq.com 1 redirects
1 cdn.mxpnl.com payroll-prev-qa.sprout.ph
1 www.google.com payroll-prev-qa.sprout.ph
32 13

This site contains no links.

Subject Issuer Validity Valid
payroll-prev-qa.sprout.ph
GTS CA 1P5		 2024-03-07 -
2024-06-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 05		 2024-01-24 -
2024-06-27		 5 months crt.sh
ifconfig.me
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://payroll-prev-qa.sprout.ph/Login.aspx
Frame ID: F626A728918EE17538D6AD9880211623
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sprout Payroll Login

Page URL History Show full URLs

  1. https://payroll-prev-qa.sprout.ph/ HTTP 302
    https://payroll-prev-qa.sprout.ph/Login.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32
Requests

97 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

11
IPs

2
Countries

1040 kB
Transfer

2115 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payroll-prev-qa.sprout.ph/ HTTP 302
    https://payroll-prev-qa.sprout.ph/Login.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://sprout.groovehq.com/widgets/5ea2b157-1b41-464b-8032-aa34311a734c/ticket.js HTTP 302
  • https://groovehq.com/ HTTP 302
  • https://www.groovehq.com/

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login.aspx
payroll-prev-qa.sprout.ph/
Redirect Chain
  • https://payroll-prev-qa.sprout.ph/
  • https://payroll-prev-qa.sprout.ph/Login.aspx
39 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f3a20fe98b85eadf7722040597af5bc2f2394c40cc7bd1466fe4d0654991f094
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8607903d9db78c60-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Mar 2024 03:40:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8607900e58418c60-EWR
content-type
text/html; charset=utf-8
date
Thu, 07 Mar 2024 03:40:19 GMT
location
/Login.aspx
server
cloudflare
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
StyleSheet.css
payroll-prev-qa.sprout.ph/App_Themes/Default/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/App_Themes/Default/StyleSheet.css
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
07898dbea18e7ce4e914d0bc94e23f568f47d03c57bdf0cc53751348b297569c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:34:25 GMT
server
cloudflare
etag
W/"6d26c02b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cf-ray
860790506b088c60-EWR
reskin-login.css
payroll-prev-qa.sprout.ph/css/ 		2 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/css/reskin-login.css
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d2007b3a5292e084f682d6a36a7a0e74613fb142c1788e52d39bf22661936a1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:34:55 GMT
server
cloudflare
etag
W/"fe6abd22b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cf-ray
860790506b0b8c60-EWR
reskin-styles.css
payroll-prev-qa.sprout.ph/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/css/reskin-styles.css
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ff676c053aa2a5b8fdd9cc25df446af989c205c9b4592db87f205386a05d00c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:34:56 GMT
server
cloudflare
etag
W/"bf1423d22b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cf-ray
860790506b0c8c60-EWR
reskin-colors.css
payroll-prev-qa.sprout.ph/css/ 		827 B
409 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/css/reskin-colors.css
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
69b234cb52f3b448fa888ffb85f25df6f9ece27dfb3b0561d19e6d8701def6da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:34:55 GMT
server
cloudflare
etag
W/"ef35ffd12b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cf-ray
860790506b0e8c60-EWR
reskin-fonts.css
payroll-prev-qa.sprout.ph/css/ 		326 B
244 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/css/reskin-fonts.css
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9a960d7aed8e5ab97945db2e9de63365b2c87a1bdfe5edc7f908fc6daa9cf881
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:34:55 GMT
server
cloudflare
etag
W/"76505d22b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cf-ray
860790506b0f8c60-EWR
WebResource.axd
payroll-prev-qa.sprout.ph/ 		811 B
364 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=urCACUaUZeT6oPoIZXShbr9qq-xJCEid-LeHcb9q5emojfAJUBW-310wi-xDklSLZb40aR-gtjihsfPIoRNBemKnvayiW1Tt_sdyM4sK8N2B_63vrx3jhOYwMjIc4IbM0&t=638452892756673603
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae3c3ee0298361f0f13b06292dae856595ef18587bf238c51a7040b9b616ddd3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 18:34:35 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
cf-ray
860790506b108c60-EWR
expires
Fri, 07 Mar 2025 03:40:23 GMT
WebResource.axd
payroll-prev-qa.sprout.ph/ 		341 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=4CIHMKZJJq_Xqs7z1eavnYV8lrkXxbqUSh9mUoZOI45h-JOYrFzmbZBL1-sTpkc4bQXt7ZzrjNt3vmHdV_k6lhpo1JwAHn28jIjLE17FGmOXxUcz6NDUWVAbgW3mdjI9kk1PLMgKQyajOaVZxBAI2lVOxxg2Z4JRiAuce7YFIQA1&t=638452892752323579
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7173071d77727862263cbc8816cdc18ad844a6292a7e19a70023d3b2352e1c63
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 18:34:35 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
cf-ray
860790506b128c60-EWR
expires
Fri, 07 Mar 2025 03:40:22 GMT
WebResource.axd
payroll-prev-qa.sprout.ph/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=QKX1AO1vX8ebWKfbb4eOTCeUzQ7XvsWCJiVeyhu5q-RTmj7tIbvFEhVEq7RQqrt0lv4m-9x1Ps-Vd9_LElq6eBmK0T5dy2wKc2o3YPPi4Gt4bL3H5q5U5oLoNwUinH5z0&t=638452892756673603
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8fe009a69ece1f14df16feeef8e747c5b5f713f43734b345ffb9f950004a3bfc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 18:34:35 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
cf-ray
860790507b138c60-EWR
expires
Fri, 07 Mar 2025 03:40:23 GMT
WebResource.axd
payroll-prev-qa.sprout.ph/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=abSXP-RgNuAsfhlSYpnpbJCOskecE340XK2t7oJlNWuBxfhjUd71enQHMRpUUW1inBPoKabJMXLOTincqFnyvEWQkiSLA7O-skwF1ACnAwVsCro23ohE1ZyQrPGprz-OB_SpYc9GlxkmT_4yGKLANQ2&t=638452892756673603
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c788f139dee68ccc9b5e66fb18c033359f53316e7798975e30c5e0ddf15565d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 18:34:35 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
cf-ray
860790507b148c60-EWR
expires
Fri, 07 Mar 2025 03:40:23 GMT
WebResource.axd
payroll-prev-qa.sprout.ph/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=Fju2BlXHaXEowG4T9P8K_zzVJfHEypGz8_0stHV33Jx8io-aO9rG3MnwxGVu8LPDM9x0Gh6WpWl-ojLHa6wgjFTL1y8Skz46Mooae68t9yeppeJMJj_1vGhr_kbQa-AboAjFCF1YuybXjaMfHFv4WNFjtP89jdOTHLa3GBSIjRA1&t=638452892752323579
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
37c7075db923f45bfc05b0d21286d5b5573e25707994fbbbfa27fd3c95a6d963
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 18:34:35 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
cf-ray
860790507b178c60-EWR
expires
Fri, 07 Mar 2025 03:40:23 GMT
WebResource.axd
payroll-prev-qa.sprout.ph/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZCI-MyXT_rrIDHqsvpMvKQahmzy-QanJkLv4yUmy8S7Av1l5eCwW8UICeDV6zlqyLw2&t=638393537798026697
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 28 Dec 2023 01:49:39 GMT
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
cf-ray
860790509b4d8c60-EWR
expires
Fri, 07 Mar 2025 03:40:23 GMT
Telerik.Web.UI.WebResource.axd
payroll-prev-qa.sprout.ph/ 		588 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3ab1b4952e-9da7-42da-9336-4b750b188f75%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2021.1.330.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3a6ddfaaf7-68e8-4aa2-a15d-336c3a8f9e4b%3a16e4e7cd%3aed16cbdc%3af7645509%3a88144a7a%3a4877f69a%3a874f8ea2%3ab2e06756%3a24ee1bba%3a33715776%3a92fe8ea0%3af46195d3%3afa31b949%3ac128760b%3a19620875%3a490a9d4e%3abd8f85e4
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e787829fb214603cf5ea7ad65d9a82fbd747470577c9c5d0e240126c7d2266e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 30 Mar 2021 00:00:00 GMT
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
860790509b4e8c60-EWR
content-length
156843
expires
Fri, 07 Mar 2025 03:40:23 GMT
payroll-logo.svg
payroll-prev-qa.sprout.ph/resources/svg/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payroll-prev-qa.sprout.ph/resources/svg/payroll-logo.svg
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
519436218a6dc8c7e071cdbedaa751dfb0aaeec5dd50954421423e9625ab79ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:35:43 GMT
server
cloudflare
etag
W/"c83f78ee2b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=YDyMLdydZQ1cydvaZXy3.LOWbiyDQqW4rEX01y6_1nk-1709782823-1.0.1.1-OanJYUGSjw_RCeEIxzGU2u40opmmfy1aooE2WtbZIzmKLfC07t33kfaGDBjmQ6OpxAjYrr62pH9w4w6m5Of3RQDhqwmsCbVezsd6DdZPRuyxoBvnznumJGe5nMeMKF7yCFvpIuwmf6gQt91oEmzjlBkqNoOu9bKX_d91GzhPv0s"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/svg+xml
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=YDyMLdydZQ1cydvaZXy3.LOWbiyDQqW4rEX01y6_1nk-1709782823-1.0.1.1-OanJYUGSjw_RCeEIxzGU2u40opmmfy1aooE2WtbZIzmKLfC07t33kfaGDBjmQ6OpxAjYrr62pH9w4w6m5Of3RQDhqwmsCbVezsd6DdZPRuyxoBvnznumJGe5nMeMKF7yCFvpIuwmf6gQt91oEmzjlBkqNoOu9bKX_d91GzhPv0s; report-to cf-csp-endpoint
vary
Accept-Encoding
cf-ray
86079051ecb48c60-EWR
email-decode.min.js
payroll-prev-qa.sprout.ph/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Mar 2024 16:51:05 GMT
server
cloudflare
etag
W/"65e20779-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
86079051ecb58c60-EWR
expires
Sat, 09 Mar 2024 03:40:22 GMT
jquery-1.4.1.min.js
payroll-prev-qa.sprout.ph/Scripts/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/Scripts/jquery-1.4.1.min.js
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
56d03e275332777ce57ececa93220c0d46cfdf75c43133a5dfd25ef8937aa15c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:24 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:35:43 GMT
server
cloudflare
etag
W/"da6aaeee2b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cf-ray
860790522ce38c60-EWR
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2024 03:40:23 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Mar 2024 01:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6521
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Mar 2024 03:51:42 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:31:59 GMT
content-encoding
gzip
age
504
x-guploader-uploadid
ABPtcPqSHMbYR5jezioju5SKukmYa-Ujx2QB_QZda2vFSQA70F-ELwxFHOOka3qdYQSvFsxRBHk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18490
last-modified
Tue, 06 Feb 2024 00:09:36 GMT
server
UploadServer
etag
"eb0675a8749ea5d76345796217db928f"
vary
Accept-Encoding
x-goog-generation
1707178176338436
x-goog-hash
crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18490
accept-ranges
bytes
expires
Thu, 07 Mar 2024 03:41:59 GMT
/
www.groovehq.com/
Redirect Chain
  • https://sprout.groovehq.com/widgets/5ea2b157-1b41-464b-8032-aa34311a734c/ticket.js
  • https://groovehq.com/
  • https://www.groovehq.com/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.groovehq.com/
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Server
23.22.199.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-199-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Redirect headers

x-runtime
0.009678
date
Thu, 07 Mar 2024 03:40:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://www.groovehq.com
cache-control
no-cache
x-xss-protection
1; mode=block
x-request-id
2287cbbd-6b79-49c9-bf83-b34284c887d9
collect
www.google-analytics.com/j/ 		15 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=950235220&t=pageview&_s=1&dl=https%3A%2F%2Fpayroll-prev-qa.sprout.ph%2FLogin.aspx&ul=en-us&de=UTF-8&dt=Sprout%20Payroll%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1958375144&gjid=1940957054&cid=581781256.1709782824&tid=UA-46354538-2&_gid=806541678.1709782824&_r=1&_slc=1&z=1875571799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9b6be3e478180b3afef3f27ce785189adbbb790636edccb998fa2239bb789a3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payroll-prev-qa.sprout.ph/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Mar 2024 03:40:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payroll-prev-qa.sprout.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EWJV11899B&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f29efc0a7d968a5b7678968d113a700bd7bf133483dd2d3c7e0c6d0b9213fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86183
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Mar 2024 03:40:23 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EWJV11899B&gtm=45je4340v9125464166za200&_p=1709782823853&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=581781256.1709782824&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fpayroll-prev-qa.sprout.ph%2FLogin.aspx&dt=Sprout%20Payroll%20Login&sid=1709782824&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=12348
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWJV11899B&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Mar 2024 03:40:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payroll-prev-qa.sprout.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Rubik.ttf
payroll-prev-qa.sprout.ph/resources/font/ 		348 KB
348 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payroll-prev-qa.sprout.ph/resources/font/Rubik.ttf
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/css/reskin-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7604615c681d3594432cb7f1b592657d1cac98acdb60c7e95619cddda19b265f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://payroll-prev-qa.sprout.ph/css/reskin-fonts.css
Origin
https://payroll-prev-qa.sprout.ph
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:26 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:35:43 GMT
server
cloudflare
etag
"63c679ee2b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8607905e19a58c60-EWR
content-length
356080
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payroll-prev-qa.sprout.ph/
Origin
https://payroll-prev-qa.sprout.ph
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 03:26:19 GMT
bkMazMr.png
i.imgur.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/bkMazMr.png
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.193 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0ffcac8c17a0105c6ecb30c9c97bb1c5c212024425e8132854836ff154265bf8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:24 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
3336997
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
4301
x-served-by
cache-iad-kiad7000044-IAD, cache-lga21928-LGA
last-modified
Fri, 01 Dec 2023 08:39:21 GMT
server
cat factory 1.0
x-timer
S1709782825.798332,VS0,VE2
etag
"edb7f9b16d86285cfea46d612ae4f73a"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
98_pNW9kQp86-HPN7RxjMVa4vkwLooj4DHornrxR8cs7yUKvBev_6Q==
x-cache-hits
29, 1
249vq0m07s1Yu5kW06BBIl0P61w6ZeO6Gb.png
sproutpayrollteststorage.blob.core.windows.net/payroll-ads-images-test/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sproutpayrollteststorage.blob.core.windows.net/payroll-ads-images-test/249vq0m07s1Yu5kW06BBIl0P61w6ZeO6Gb.png
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.86.68 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
071b679cd75d48757f714cbbad006fd3beb7f30fcfe1e0caae000e5d4e66dea0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 07 Mar 2024 03:40:25 GMT
Last-Modified
Fri, 01 Dec 2023 17:23:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
iU4GV9a2/TopWuPjRba8vA==
ETag
0x8DBF2923EAAF8F7
Content-Type
image/png
x-ms-request-id
d0cc31bd-d01e-0059-6a41-70487a000000
x-ms-version
2009-09-19
Content-Length
47805
Ol0nXUV.png
i.imgur.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Ol0nXUV.png
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.193 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
33b35b9e64edd8618f1bc6d094e5c954ad00f227c5c3b69529d98061eed0d976
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:24 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
2761052
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
5165
x-served-by
cache-iad-kiad7000169-IAD, cache-lga21928-LGA
last-modified
Fri, 01 Dec 2023 08:39:46 GMT
server
cat factory 1.0
x-timer
S1709782825.798355,VS0,VE2
etag
"a2cf3f51650aff929ac95c162da64e2b"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_UW1leJPVZXkrsrlAF8C2ax7K5c39E4rZiI6UORwQ7bErn_CddmVsg==
x-cache-hits
127, 1
34PIUs2U02bRYiqwt04qwkEqemnxbbJo.png
sproutpayrollteststorage.blob.core.windows.net/payroll-ads-images-test/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sproutpayrollteststorage.blob.core.windows.net/payroll-ads-images-test/34PIUs2U02bRYiqwt04qwkEqemnxbbJo.png
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.86.68 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
166b0389c54d214bdac5e9283434f171404413d4448f949763d22fed5479c013

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 07 Mar 2024 03:40:24 GMT
Last-Modified
Fri, 01 Dec 2023 17:22:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
s4qjBaHXkrRW9e4LIQUmmg==
ETag
0x8DBF2921497F82A
Content-Type
image/png
x-ms-request-id
3a2f0173-f01e-004e-5541-70e171000000
x-ms-version
2009-09-19
Content-Length
105697
see-password-icon.svg
payroll-prev-qa.sprout.ph/resources/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payroll-prev-qa.sprout.ph/resources/svg/see-password-icon.svg
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/css/reskin-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6b5466ebf829f0effe6770cde6cc416ffc904ac6cae7a56fc98e23011b100295
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/css/reskin-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:40:24 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 18:35:43 GMT
server
cloudflare
etag
W/"e85a7eee2b6fda1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
8607905e79ed8c60-EWR
/
jsonip.com/ 		48 B
191 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/?callback=jsonp1709782824691
Requested by
Host: payroll-prev-qa.sprout.ph
URL: https://payroll-prev-qa.sprout.ph/Scripts/jquery-1.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bbc3:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
1d3d0f35f2b3ac8081c4bf0474d6ed17caa5d430b5140294b42d372eea9bd84e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payroll-prev-qa.sprout.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Mar 2024 03:40:24 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
content-type
application/javascript; charset=utf-8
/
api-js.mixpanel.com/track/ 		46 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1709782828690
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
69180dfc742889de9473d6c5d537d03eca22c1b880345085438888a8e7e054dc
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://payroll-prev-qa.sprout.ph/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 07 Mar 2024 03:40:28 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://payroll-prev-qa.sprout.ph
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
X-Requested-With
content-length
46
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ConfirmCallBackFn function| IsFirstLogin function| toggleShowPassword function| showResetForm function| hideResetForm function| validateInput function| toggleLoginValidation function| toggleResetPasswordValidation string| GoogleAnalyticsObject function| ga object| mixpanel object| theForm function| __doPostBack object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| dataLayer object| google_tag_manager function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find object| commonScripts function| GetRadWindowManager function| Type object| Sys object| _events object| Telerik object| $telerik object| TelerikCommonScripts function| $ function| jQuery function| radalert function| radconfirm function| radprompt function| radopen function| radopenWithContainer function| RadWindowprompt_detectenter object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hdnOnResetForm object| hdnImageUrls object| rawData object| data function| showContents function| changeContent function| autoNextSlide object| __TsmHiddenField object| RadAjaxManager1 object| RadAjaxLoadingPanel1 object| recaptcha

6 Cookies

Domain/Path Name / Value
payroll-prev-qa.sprout.ph/ Name: ASP.NET_SessionId
Value: bpcs2eyk524n1lysr14v5cm2
.sprout.ph/ Name: mp__mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e16ff73102ebb-0c419b8db86f2c-673d5551-1d4c00-18e16ff73112ebb%22%2C%22%24device_id%22%3A%20%2218e16ff73102ebb-0c419b8db86f2c-673d5551-1d4c00-18e16ff73112ebb%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.sprout.ph/ Name: _ga
Value: GA1.2.581781256.1709782824
.sprout.ph/ Name: _gid
Value: GA1.2.806541678.1709782824
.sprout.ph/ Name: _gat
Value: 1
.sprout.ph/ Name: _ga_EWJV11899B
Value: GS1.2.1709782824.1.0.1709782824.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
cdn.mxpnl.com
groovehq.com
i.imgur.com
jsonip.com
payroll-prev-qa.sprout.ph
sprout.groovehq.com
sproutpayrollteststorage.blob.core.windows.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.groovehq.com
www.gstatic.com
130.211.34.183
199.232.36.193
20.150.86.68
23.22.199.173
2600:1901:0:bbc3::
2600:1901:0:bc29::
2606:4700::6812:1935
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::2004
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2008
52.20.128.238
071b679cd75d48757f714cbbad006fd3beb7f30fcfe1e0caae000e5d4e66dea0
07898dbea18e7ce4e914d0bc94e23f568f47d03c57bdf0cc53751348b297569c
0ffcac8c17a0105c6ecb30c9c97bb1c5c212024425e8132854836ff154265bf8
166b0389c54d214bdac5e9283434f171404413d4448f949763d22fed5479c013
1d3d0f35f2b3ac8081c4bf0474d6ed17caa5d430b5140294b42d372eea9bd84e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
33b35b9e64edd8618f1bc6d094e5c954ad00f227c5c3b69529d98061eed0d976
37c7075db923f45bfc05b0d21286d5b5573e25707994fbbbfa27fd3c95a6d963
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4ff676c053aa2a5b8fdd9cc25df446af989c205c9b4592db87f205386a05d00c
519436218a6dc8c7e071cdbedaa751dfb0aaeec5dd50954421423e9625ab79ff
56d03e275332777ce57ececa93220c0d46cfdf75c43133a5dfd25ef8937aa15c
69180dfc742889de9473d6c5d537d03eca22c1b880345085438888a8e7e054dc
69b234cb52f3b448fa888ffb85f25df6f9ece27dfb3b0561d19e6d8701def6da
6b5466ebf829f0effe6770cde6cc416ffc904ac6cae7a56fc98e23011b100295
7173071d77727862263cbc8816cdc18ad844a6292a7e19a70023d3b2352e1c63
7604615c681d3594432cb7f1b592657d1cac98acdb60c7e95619cddda19b265f
793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
8fe009a69ece1f14df16feeef8e747c5b5f713f43734b345ffb9f950004a3bfc
9a960d7aed8e5ab97945db2e9de63365b2c87a1bdfe5edc7f908fc6daa9cf881
9b6be3e478180b3afef3f27ce785189adbbb790636edccb998fa2239bb789a3a
9f29efc0a7d968a5b7678968d113a700bd7bf133483dd2d3c7e0c6d0b9213fdb
ae3c3ee0298361f0f13b06292dae856595ef18587bf238c51a7040b9b616ddd3
c788f139dee68ccc9b5e66fb18c033359f53316e7798975e30c5e0ddf15565d2
d2007b3a5292e084f682d6a36a7a0e74613fb142c1788e52d39bf22661936a1b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e787829fb214603cf5ea7ad65d9a82fbd747470577c9c5d0e240126c7d2266e5
f3a20fe98b85eadf7722040597af5bc2f2394c40cc7bd1466fe4d0654991f094