urlscan.io logo urlscan.io
SecurityTrails logo

corehr.hrcloud.com Open in urlscan Pro
162.246.160.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://corehr.hrcloud.com/#/Checklists/ChecklistItem/Form/3fef3de96dc2e6d04a6cc3effbbcb603/74fce15847bd9862e6eca604a03b5eac
Effective URL: https://corehr.hrcloud.com/Start/
Submission: On April 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 36 HTTP transactions. The main IP is 162.246.160.92, located in United States and belongs to NEOGOV - NEOGOV, US. The main domain is corehr.hrcloud.com.
TLS certificate: Issued by thawte SSL CA - G2 on January 25th 2017. Valid for: 3 years.
This is the only time corehr.hrcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 162.246.160.92 33093 (NEOGOV)
4 52.222.149.142 16509 (AMAZON-02)
2 172.217.22.46 15169 (GOOGLE)
5 172.217.23.170 15169 (GOOGLE)
2 151.139.237.113 54104 (AS-STACKPATH)
1 52.222.146.18 16509 (AMAZON-02)
1 2 104.16.84.55 13335 (CLOUDFLAR...)
1 216.58.214.104 15169 (GOOGLE)
1 151.139.236.194 54104 (AS-STACKPATH)
2 185.60.216.19 32934 (FACEBOOK)
2 185.60.216.35 32934 (FACEBOOK)
1 23.111.9.32 54104 (AS-STACKPATH)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
36 14
12    162.246.160.92 (United States)

ASN33093 (NEOGOV - NEOGOV, US)
PTR: api.hrcloud.com
corehr.hrcloud.com
4    52.222.149.142 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-142.fra53.r.cloudfront.net
d2iqo0i0q1jxbv.cloudfront.net
2    172.217.22.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f14.1e100.net
apis.google.com
5    172.217.23.170 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f10.1e100.net
maps.googleapis.com
2    151.139.237.113 (Dallas, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
code.jquery.com
1    52.222.146.18 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-18.fra53.r.cloudfront.net
kendo.cdn.telerik.com
2    104.16.84.55 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2.zopim.com
1    216.58.214.104 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f8.1e100.net
www.googletagmanager.com
1    151.139.236.194 (Dallas, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
static.hotjar.com
2    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    23.111.9.32 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
script.hotjar.com
1    151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
12 corehr.hrcloud.com corehr.hrcloud.com
connect.facebook.net
js-agent.newrelic.com
5 maps.googleapis.com corehr.hrcloud.com
maps.googleapis.com
4 d2iqo0i0q1jxbv.cloudfront.net corehr.hrcloud.com
2 www.facebook.com corehr.hrcloud.com
2 connect.facebook.net corehr.hrcloud.com
connect.facebook.net
2 v2.zopim.com 1 redirects corehr.hrcloud.com
2 code.jquery.com corehr.hrcloud.com
2 apis.google.com corehr.hrcloud.com
apis.google.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com corehr.hrcloud.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com corehr.hrcloud.com
1 kendo.cdn.telerik.com corehr.hrcloud.com
36 14

This site contains no links.

Subject Issuer Validity Valid
*.hrcloud.com
thawte SSL CA - G2		 2017-01-25 -
2020-02-24		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://corehr.hrcloud.com/Start/
Frame ID: 663F27010E0FADB0144346D01428D819
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://corehr.hrcloud.com/ Page URL
  2. https://corehr.hrcloud.com/Start/ Page URL

Page Statistics

36
Requests

33 %
HTTPS

0 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

2121 kB
Transfer

6272 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://corehr.hrcloud.com/ Page URL
  2. https://corehr.hrcloud.com/Start/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://v2.zopim.com/?2dDYCoF0bnmhm0Y2STSbMYJqF21TbvTS HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.244.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
corehr.hrcloud.com/ 		146 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
c877b80d6ce39fbb27c6a935263b1d61d8f424e79e266ec63aea99c0a48a3422
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Web Server
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:33 GMT
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Set-Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly __CoreHrTempData=; expires=Wed, 11-Apr-2018 15:29:33 GMT; path=/
Content-Length
218
X-XSS-Protection
1; mode=block
MetadataChangesetId
Expires
-1
Primary Request Cookie set /
corehr.hrcloud.com/Start/ 		12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/Start/
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
6b57d8cbc8b39b5bc42a478ee7e82665b4503737ef466b5265ac63f985746dee
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://corehr.hrcloud.com/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://corehr.hrcloud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000 max-age=157680000
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Server
Web Server
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:33 GMT
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly __CoreHrTempData=; expires=Wed, 11-Apr-2018 15:29:34 GMT; path=/
Content-Length
5311
X-XSS-Protection
1; mode=block
MetadataChangesetId
authStyles.bundle-7e6d3cbbe14255bacc9e.css
d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/ 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/authStyles.bundle-7e6d3cbbe14255bacc9e.css
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
52.222.149.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-142.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8389eca841b166cfe8794f84365cffdfc63c907123b10dccad42fdfc43da6856

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 14:09:29 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Sun, 27 May 2018 00:00:00 GMT", rule-id="Prod"
last-modified
Wed, 11 Apr 2018 14:09:04 GMT
server
AmazonS3
age
3027
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
Hes43VLQHmGYxzn55c6jK5-FtvUUjvdhbjzPnWWQ8nSu0ElQlDFWUA==
via
1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
client:platform.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
1671519ca4af4671426fdeab757cfc08efcd552b4f92108849f27e3308df7209
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180405.13_p0
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180405.13_p0
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
date
Thu, 12 Apr 2018 15:29:34 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"6c9d017376da5a1dd04aca980b9e720d"
timing-allow-origin
*
expires
Thu, 12 Apr 2018 15:29:34 GMT
js
maps.googleapis.com/maps/api/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=weather,visualization,panoramio,places
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f10.1e100.net
Software
mafe /
Resource Hash
f233eb1a88003307cd4ea67fd38f43f230adfa59b9699cd4e47b0dde06160e9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
27356
x-xss-protection
1; mode=block
expires
Thu, 12 Apr 2018 15:59:34 GMT
jquery-2.0.3.min.js
code.jquery.com/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.0.3.min.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
151.139.237.113 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"54499a47-1469c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-ui.min.js
code.jquery.com/ui/1.11.4/ 		235 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
151.139.237.113 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2015 13:03:17 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"55003d15-3ab2b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
kendo.all.min.js
kendo.cdn.telerik.com/2016.1.112/js/ 		3 MB
908 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kendo.cdn.telerik.com/2016.1.112/js/kendo.all.min.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
52.222.146.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-18.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
a7471d27b77263e2791e8501168caaedb078917aa7235fa876df60a310baf628

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 06 Sep 2017 17:10:09 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 11:48:59 GMT
server
nginx
age
18829165
status
200
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-id
S7JnT43X3B_FNQzkf_sOI6UkwKsDxMYVGxWC6CBP1QBgcdPGJ4wTeA==
via
1.1 a9e1c5fff6a2739d3f7026c216819292.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
authVendorScripts.bundle-64ba7d7b9c2aab1e0c1d.js
d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/ 		758 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/authVendorScripts.bundle-64ba7d7b9c2aab1e0c1d.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
52.222.149.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-142.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
783b910a3ab5ef6a20af10eb0048f8a960d396ec07c3b106b1ff29734e26f37a

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 14:12:00 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Sun, 27 May 2018 00:00:00 GMT", rule-id="Prod"
last-modified
Wed, 11 Apr 2018 14:09:04 GMT
server
AmazonS3
age
3027
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
EgCyhOmKzDrql84dD84phhBB0REOCAmy11Svc0q8CibiGZQAyg_CJg==
via
1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
authScripts.bundle-90b4311fe7a2cadd16ff.js
d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/ 		115 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/authScripts.bundle-90b4311fe7a2cadd16ff.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
52.222.149.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-142.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4152a7e6ab7be767add7c6f7506c2394e333edfd91071ddaa4686d0b4770880

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 14:09:29 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Sun, 27 May 2018 00:00:00 GMT", rule-id="Prod"
last-modified
Wed, 11 Apr 2018 14:09:04 GMT
server
AmazonS3
age
3027
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
z23yjXmdOUYplDvWmVp-VbEO4cJ_SQEG_K_5GI6sZzMhSJH_-NbP1A==
via
1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
hrcloud-logo.png
corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/hrcloud-logo.png
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
5701875e14deccd375ec4546472a67560c6262b766df324d81a218e7c53bdd99
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000 max-age=157680000
Last-Modified
Wed, 11 Apr 2018 14:08:17 GMT
Server
Web Server
ETag
"c65d458a9ed1d31:0"
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 12 Apr 2018 15:29:34 GMT
Accept-Ranges
bytes
Content-Length
5407
X-XSS-Protection
1; mode=block
landing-page-text.png
corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/landing-page-text.png
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
ac3881287cf09b080fb694a2b3768302d879fb3a115eaff46673cda53617f57f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000 max-age=157680000
Last-Modified
Wed, 11 Apr 2018 14:08:17 GMT
Server
Web Server
ETag
"8ab6d8899ed1d31:0"
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 12 Apr 2018 15:29:34 GMT
Accept-Ranges
bytes
Content-Length
19285
X-XSS-Protection
1; mode=block
landing-page-text-left.png
corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/ 		20 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/landing-page-text-left.png
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
fc9b4a59ef46592f73c2a8bb7b2dc9d4047fbce35ada1d1b58d5a62c9b3d739f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000 max-age=157680000
Last-Modified
Wed, 11 Apr 2018 14:08:18 GMT
Server
Web Server
ETag
"9821698a9ed1d31:0"
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Type
image/png
Cache-Control
no-cache
Date
Thu, 12 Apr 2018 15:29:34 GMT
Accept-Ranges
bytes
Content-Length
20903
X-XSS-Protection
1; mode=block
landing-page.jpg
corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corehr.hrcloud.com/Client/PatternLibrary/Styles/Assets/Images/landing-page.jpg
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
b562bba893620d45b6a1cef6ee2883fb81c7d4a342197868877f07ca17ad49ae
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000 max-age=157680000
Last-Modified
Wed, 11 Apr 2018 14:08:17 GMT
Server
Web Server
ETag
"f97add899ed1d31:0"
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Type
image/jpeg
Cache-Control
no-cache
Date
Thu, 12 Apr 2018 15:29:34 GMT
Accept-Ranges
bytes
Content-Length
93831
X-XSS-Protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pa4EfGZJtyM.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNvuMxw8LpLrCWFeoIaET1OMP8dSQ/ 		277 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pa4EfGZJtyM.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNvuMxw8LpLrCWFeoIaET1OMP8dSQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
SPDY
Server
172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f14.1e100.net
Software
sffe /
Resource Hash
20fb1c9b44eedd7124c59701b1084cdece0bac0b1324bfd418640f9bd2e8567e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 06 Apr 2018 19:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Apr 2018 21:54:04 GMT
server
sffe
age
505674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
96680
x-xss-protection
1; mode=block
expires
Sat, 06 Apr 2019 19:01:40 GMT
widget_v2.244.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/?2dDYCoF0bnmhm0Y2STSbMYJqF21TbvTS
  • https://v2.zopim.com/bin/v/widget_v2.244.js
1 MB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.244.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
104.16.84.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c184f7f144938ce294b40a87dc8613cba0f86857f4e4ede97348b4cf44e2319

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 03 Apr 2018 06:18:02 GMT
server
cloudflare
etag
W/"5ac31c9a-103118"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
40a6baad591197e0-FRA
expires
Sun, 09 Apr 2028 15:29:34 GMT

Redirect headers

date
Thu, 12 Apr 2018 15:29:34 GMT
cf-cache-status
EXPIRED
server
cloudflare
status
302
etag
"5acecbbe-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.244.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
40a6baad28ec97e0-FRA
content-length
0
expires
Thu, 12 Apr 2018 19:29:34 GMT
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Content-Length
1316
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:33 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
gtm.js
www.googletagmanager.com/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR3FWVL
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
216.58.214.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
a7c8c1edba7ef45b375c20b6caac64a8468045ccb94597e6c0f7f2cce3e25d85
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
16970
x-xss-protection
1; mode=block
expires
Thu, 12 Apr 2018 15:29:34 GMT
landing-page.jpg
d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/assets/App/Images/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/assets/App/Images/landing-page.jpg
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
52.222.149.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-142.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b562bba893620d45b6a1cef6ee2883fb81c7d4a342197868877f07ca17ad49ae

Request headers

Referer
https://d2iqo0i0q1jxbv.cloudfront.net/production/hrcloud/GeneratedBundles/bundles/authStyles.bundle-7e6d3cbbe14255bacc9e.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 14:12:12 GMT
via
1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Sun, 27 May 2018 00:00:00 GMT", rule-id="Prod"
last-modified
Wed, 11 Apr 2018 14:09:06 GMT
server
AmazonS3
age
3026
etag
"95fa4f9d9cc8999df108bfeddd4f2d6a"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
status
200
accept-ranges
bytes
content-length
93831
x-amz-cf-id
Yma8tOrdjM9htv_qPNOkhtAhy30g8NiiZYCwm2l-Mz5Xaw7ireZWYg==
hotjar-544364.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-544364.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR3FWVL
Protocol
SPDY
Server
151.139.236.194 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f025a0f0484a8262615d3954132e74dd1ca6bffef7347bec7ca708e245afc68e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

x-cache-hit
1
date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
status
200
server
NetDNA-cache/2.2
x-frame-options
SAMEORIGIN
etag
W/73589e50e53cf1fd8168d427e97a1fe7
vary
Accept-Encoding
x-cache
REVALIDATED
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
access-control-allow-headers
content-type
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Content-Length
1257
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:34 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
fbevents.js
connect.facebook.net/en_US/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12439
x-xss-protection
0
pragma
public
x-fb-debug
8OQFTIFYSUhps556XxEeGLgWDmskS5uORu9FqBhGguw5uD5AEKyEjJZVEE1yNyVzqvViDLnJnsrdUtbW99c8AQ==
x-frame-options
DENY
date
Thu, 12 Apr 2018 15:29:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Content-Length
1354
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:34 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
1820129298313121
connect.facebook.net/signals/config/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1820129298313121?v=2.8.12&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2e090c640208f97f63e9d91b5a1397b6c8f3738529ab1643551c31cfe9cf0987
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
H2ZxeZvYFahvnZdnZDyQPc57YWp65m19ICF4Uy+HWT5qCNR76Aqm7LN+PSOCmB/A6Zl2mdxmqB/vgmHB65t+FQ==
x-frame-options
DENY
date
Thu, 12 Apr 2018 15:29:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=
Connection
keep-alive
Content-Length
1587
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:34 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1820129298313121&ev=PageView&dl=https%3A%2F%2Fcorehr.hrcloud.com%2FStart%2F%23%2FAuthentication%2FLogin%3FreturnUrl%3D%2523%252FChecklists%252FChecklistItem%252FForm%252F3fef3de96dc2e6d04a6cc3effbbcb603%252F74fce15847bd9862e6eca604a03b5eac&rl=https%3A%2F%2Fcorehr.hrcloud.com%2F&if=false&ts=1523546974452&sw=1600&sh=1200&v=2.8.12&r=stable&a=tmgoogletagmanager&ec=0&o=28&it=1523546974349
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Apr 2018 15:29:34 GMT
modules-6790f3a9851d3ea1a2a8ed8c2225d8c7.js
script.hotjar.com/ 		359 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules-6790f3a9851d3ea1a2a8ed8c2225d8c7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-544364.js?sv=5
Protocol
SPDY
Server
23.111.9.32 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
92f7c4f82f0027e53d4f004bb38ed25df8e22985b6be500513d29acff078f0c6

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:34 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 18:53:17 GMT
server
NetDNA-cache/2.2
x-amz-request-id
D6F0E86FC8879CDD
etag
W/"6790f3a9851d3ea1a2a8ed8c2225d8c7"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
xvMs8l1WG67gbtcM5wau0HIWVEEkYpUWrU/bV1ct7I5cSZml0QMsYK7mS63tJmklSTyJgW5Laoc=
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: corehr.hrcloud.com
URL: https://corehr.hrcloud.com/Start/
Protocol
SPDY
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:35 GMT
content-encoding
gzip
x-amz-request-id
4FA97F9146AC1E0C
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
2u+ePBLq0i+86Rc6Ty4s1JjLllOr+DvppPFIKi56RBFSrYzKnBNjQJjsdHXpgMCr0P5LWmRHmOY=
x-served-by
cache-hhn1538-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1523546976.580699,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13506
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=; __zlcmid=lthGHyK52enNgp
Connection
keep-alive
Content-Length
1804
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:35 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
89019a8e50
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/89019a8e50?a=4102883&v=1071.385e752&to=NlAGYxEFC0RWBhUIDQ8aKWEgSyRCQw0EDxYIVgVDCgsLdFgLFRMNDVkBRUwtC1NSHQ%3D%3D&rst=1725&ref=https://corehr.hrcloud.com/Start/&ap=21&be=198&fe=1713&dc=944&perf=%7B%22timing%22:%7B%22of%22:1523546973864,%22n%22:0,%22u%22:193,%22ue%22:193,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:1,%22rp%22:191,%22rpe%22:193,%22dl%22:195,%22di%22:401,%22ds%22:944,%22de%22:947,%22dc%22:1713,%22l%22:1713,%22le%22:1714%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
Cookie set csp-violation-report
corehr.hrcloud.com/api/reporting/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://corehr.hrcloud.com/api/reporting/csp-violation-report
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.246.160.92 , United States, ASN33093 (NEOGOV - NEOGOV, US),
Reverse DNS
api.hrcloud.com
Software
Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Pragma
no-cache
Origin
https://corehr.hrcloud.com
Accept-Encoding
gzip, deflate
Host
corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://corehr.hrcloud.com/Start/
Cookie
XSRF-TOKEN=24cf00ce-74a2-4207-9256-994e8b375585; coreHr=; __zlcmid=lthGHyK52enNgp
Connection
keep-alive
Content-Length
1698
Referer
https://corehr.hrcloud.com/Start/
Origin
https://corehr.hrcloud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/csp-report

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000 max-age=157680000
X-Content-Type-Options
nosniff
Server
Web Server
MetadataChangesetId
Mobile_AuthToken
Date
Thu, 12 Apr 2018 15:29:35 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Set-Cookie
coreHr=; domain=.hrcloud.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.newrelic.com *.hotjar.com *.zopim.com *.cloudfront.net *.google.com maps.googleapis.com www.google-analytics.com *.jquery.com *.linkedin.com linkedin.com *.intercom.io *.intercomcdn.com *.telerik.com *.skypeassets.com *.onesignal.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.cloudfront.net 'unsafe-inline'; font-src 'self' data: *.zopim.com *.intercomcdn.com *.cloudfront.net; img-src 'self' data: *.doubleclick.net *.linkedin.com linkedin.com *.cloudfront.net www.google-analytics.com *.gstatic.com *.giphy.com *.ytimg.com *.skypeassets.com *.vimeocdn.com; form-action 'self'; connect-src 'self' *.onesignal.com *.hotjar.com *.pndsn.com wss: *.intercom.io intercom.io api.sendbird.com *.giphy.com www.googleapis.com vimeo.com; frame-src 'self' *.hotjar.com *.google.com www.youtube.com *.vimeo.com skype:; report-uri /api/reporting/csp-violation-report
Content-Length
0
X-XSS-Protection
1; mode=block 1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Expires
-1
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1820129298313121&ev=Microdata&dl=https%3A%2F%2Fcorehr.hrcloud.com%2FStart%2F%23%2FAuthentication%2FLogin%3FreturnUrl%3D%2523%252FChecklists%252FChecklistItem%252FForm%252F3fef3de96dc2e6d04a6cc3effbbcb603%252F74fce15847bd9862e6eca604a03b5eac&rl=https%3A%2F%2Fcorehr.hrcloud.com%2F&if=false&ts=1523546975963&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22HR%20Cloud%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.12&r=stable&a=tmgoogletagmanager&ec=1&o=28&it=1523546974349
Protocol
SPDY
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 15:29:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Apr 2018 15:29:35 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/32/10/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/32/10/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=weather,visualization,panoramio,places
Protocol
SPDY
Server
172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f10.1e100.net
Software
sffe /
Resource Hash
c5ebd0bdb6b5873fa135da7a710d26d520993e16dd52b01685d2340768f9e546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 21:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Apr 2018 03:12:44 GMT
server
sffe
age
64516
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
29383
x-xss-protection
1; mode=block
expires
Thu, 11 Apr 2019 21:34:23 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/32/10/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/32/10/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=weather,visualization,panoramio,places
Protocol
SPDY
Server
172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f10.1e100.net
Software
sffe /
Resource Hash
8b40ecd9741ba2bb9ba8220cac64785f22925853983294c960fdb045fbe19f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 21:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Apr 2018 03:12:44 GMT
server
sffe
age
64514
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
51889
x-xss-protection
1; mode=block
expires
Thu, 11 Apr 2019 21:34:25 GMT
stats.js
maps.googleapis.com/maps-api-v3/api/js/32/10/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/32/10/stats.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=weather,visualization,panoramio,places
Protocol
SPDY
Server
172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f10.1e100.net
Software
sffe /
Resource Hash
3ba197980512a0cc9a3b4075ceb57c8ecab482305b2c25ed9457d1c44ab50946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 21:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Apr 2018 03:12:44 GMT
server
sffe
age
64501
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
1585
x-xss-protection
1; mode=block
expires
Thu, 11 Apr 2019 21:34:38 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		48 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcorehr.hrcloud.com%2FStart%2F%23%2FAuthentication%2FLogin%3FreturnUrl%3D%2523%252FChecklists%252FChecklistItem%252FForm%252F3fef3de96dc2e6d04a6cc3effbbcb603%252F74fce15847bd9862e6eca604a03b5eac&callback=_xdc_._hngdot&token=40474
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=weather,visualization,panoramio,places
Protocol
SPDY
Server
172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f10.1e100.net
Software
mafe /
Resource Hash
637abe9fd197f590e926bfb45eed1ec0c7a2fe9f7ed950ec1d349edd95978229
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corehr.hrcloud.com/Start/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Apr 2018 15:29:39 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
57
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require object| ___gcfg string| CKEDITOR_BASEPATH number| maxRequestLengthInBytes string| embeddedSharedFolderBase object| gapi object| ___jsl object| ___gu object| google function| $ function| jQuery function| fakeLocalStorage undefined| Skype object| SharedEnumerations object| AngularExtensions object| EmbeddedTemplateUrlFactory object| FlyoutHelper undefined| InfrastructureAngular undefined| LayoutUrls undefined| ControllerName undefined| Layout undefined| __extends undefined| AuthAngular undefined| Auth undefined| SignUp undefined| ProductThemes undefined| Shared undefined| Users undefined| patterns object| applicationBootstrapModel undefined| Intercom object| googleAnalyticsConfiguration function| $zopim object| dataLayer object| osapi object| gadgets object| shindig object| pos object| googleapis object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| google_tag_manager function| hj object| _hjSettings function| fbq function| _fbq string| __$__GEO string| __$z_results string| __$z_innerText object| hjSiteSettings function| hjBootstrap object| kendo object| _xdc_

3 Cookies

Domain/Path Name / Value
.hrcloud.com/ Name: __zlcmid
Value: lthGHyK52enNgp
.hrcloud.com/ Name: coreHr
Value:
.hrcloud.com/ Name: XSRF-TOKEN
Value: 24cf00ce-74a2-4207-9256-994e8b375585

1 Console Messages

Source Level URL
Text
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/32/10/util.js(Line 228)
Message:
Google Maps API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000 max-age=157680000
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
bam.nr-data.net
code.jquery.com
connect.facebook.net
corehr.hrcloud.com
d2iqo0i0q1jxbv.cloudfront.net
js-agent.newrelic.com
kendo.cdn.telerik.com
maps.googleapis.com
script.hotjar.com
static.hotjar.com
v2.zopim.com
www.facebook.com
www.googletagmanager.com
104.16.84.55
151.101.114.110
151.139.236.194
151.139.237.113
162.246.160.92
162.247.242.20
172.217.22.46
172.217.23.170
185.60.216.19
185.60.216.35
216.58.214.104
23.111.9.32
52.222.146.18
52.222.149.142
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1671519ca4af4671426fdeab757cfc08efcd552b4f92108849f27e3308df7209
1c184f7f144938ce294b40a87dc8613cba0f86857f4e4ede97348b4cf44e2319
20fb1c9b44eedd7124c59701b1084cdece0bac0b1324bfd418640f9bd2e8567e
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
2e090c640208f97f63e9d91b5a1397b6c8f3738529ab1643551c31cfe9cf0987
3ba197980512a0cc9a3b4075ceb57c8ecab482305b2c25ed9457d1c44ab50946
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5701875e14deccd375ec4546472a67560c6262b766df324d81a218e7c53bdd99
637abe9fd197f590e926bfb45eed1ec0c7a2fe9f7ed950ec1d349edd95978229
6b57d8cbc8b39b5bc42a478ee7e82665b4503737ef466b5265ac63f985746dee
783b910a3ab5ef6a20af10eb0048f8a960d396ec07c3b106b1ff29734e26f37a
8389eca841b166cfe8794f84365cffdfc63c907123b10dccad42fdfc43da6856
8b40ecd9741ba2bb9ba8220cac64785f22925853983294c960fdb045fbe19f8b
92f7c4f82f0027e53d4f004bb38ed25df8e22985b6be500513d29acff078f0c6
a7471d27b77263e2791e8501168caaedb078917aa7235fa876df60a310baf628
a7c8c1edba7ef45b375c20b6caac64a8468045ccb94597e6c0f7f2cce3e25d85
ac3881287cf09b080fb694a2b3768302d879fb3a115eaff46673cda53617f57f
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
b562bba893620d45b6a1cef6ee2883fb81c7d4a342197868877f07ca17ad49ae
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5ebd0bdb6b5873fa135da7a710d26d520993e16dd52b01685d2340768f9e546
c877b80d6ce39fbb27c6a935263b1d61d8f424e79e266ec63aea99c0a48a3422
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f025a0f0484a8262615d3954132e74dd1ca6bffef7347bec7ca708e245afc68e
f233eb1a88003307cd4ea67fd38f43f230adfa59b9699cd4e47b0dde06160e9f
f4152a7e6ab7be767add7c6f7506c2394e333edfd91071ddaa4686d0b4770880
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fc9b4a59ef46592f73c2a8bb7b2dc9d4047fbce35ada1d1b58d5a62c9b3d739f