urlscan.io logo urlscan.io
SecurityTrails logo

tsheets.intuit.com Open in urlscan Pro
35.81.9.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://visit.tsheets.com/ls/click?upn=VPPml9HLNaLmKlPyGG-2FnjS0WtE7OSyvhcUNhUaj7U4WIO2EM6SxO5-2FoiLcGlXaY0ZgrbWbJykwsPJes...
Effective URL: https://tsheets.intuit.com/page/login_oii
Submission: On July 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 9 domains to perform 58 HTTP transactions. The main IP is 35.81.9.204, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is tsheets.intuit.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 20th 2021. Valid for: a year.
This is the only time tsheets.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.123.54 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
visit.tsheets.com
9    35.81.9.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-9-204.us-west-2.compute.amazonaws.com
tsheets.intuit.com
9    104.111.250.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-17.deploy.static.akamaitechnologies.com
accounts.intuit.com
1    13.225.87.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-15.fra2.r.cloudfront.net
cdn.decibelinsight.net
13    23.39.250.224 (Aubervilliers, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-250-224.deploy.static.akamaitechnologies.com
plugin.intuitcdn.net
3    2600:9000:2156:b400:8:5d53:c240:93a1 (United States)

ASN16509 (AMAZON-02, US)
buildassets.tsheets.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    91.235.133.92 (United States)

ASN30286 (THM, US)
pf.intuit.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    23.79.134.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-134-81.deploy.static.akamaitechnologies.com
lib.intuitcdn.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.156.152.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-152-125.eu-central-1.compute.amazonaws.com
collection.decibelinsight.net
2    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
v60nf4ojgozfikjruysq6kvxzf4py63b3zpewwp2393b18bb2672a089am1.e.aa.online-metrix.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
sci.intuit.com
Domain Requested by
13 plugin.intuitcdn.net accounts.intuit.com
11 pf.intuit.com accounts.intuit.com
pf.intuit.com
9 accounts.intuit.com tsheets.intuit.com
accounts.intuit.com
9 tsheets.intuit.com tsheets.intuit.com
3 buildassets.tsheets.com tsheets.intuit.com
2 sci.intuit.com 1 redirects
2 h.online-metrix.net pf.intuit.com
2 lib.intuitcdn.net tsheets.intuit.com
2 www.google-analytics.com buildassets.tsheets.com
www.google-analytics.com
1 v60nf4ojgozfikjruysq6kvxzf4py63b3zpewwp2393b18bb2672a089am1.e.aa.online-metrix.net
1 collection.decibelinsight.net cdn.decibelinsight.net
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 cdn.decibelinsight.net tsheets.intuit.com
1 visit.tsheets.com 1 redirects
0 ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed pf.intuit.com
58 16
Subject Issuer Validity Valid
*.tsheets.intuit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-20 -
2022-01-24		 a year crt.sh
accounts-prd.intuit.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-18 -
2021-11-22		 a year crt.sh
*.decibelinsight.net
Amazon		 2021-03-15 -
2022-04-13		 a year crt.sh
*.intuitcdn.net
DigiCert SHA2 Secure Server CA		 2021-03-15 -
2022-03-23		 a year crt.sh
*.tsheets.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-04-08		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
pf.intuit.com
DigiCert SHA2 Secure Server CA		 2020-08-28 -
2021-09-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
lib.intuitcdn.net
GeoTrust RSA CA 2018		 2021-06-09 -
2022-06-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2021-01-21 -
2022-01-21		 a year crt.sh
*.e.aa.online-metrix.net
Go Daddy Secure Certificate Authority - G2		 2019-09-13 -
2021-09-13		 2 years crt.sh
sci.intuit.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-18 -
2021-12-19		 a year crt.sh

This page contains 8 frames:

Primary Page: https://tsheets.intuit.com/page/login_oii
Frame ID: A221F3BF24ABE1F1EA39447BD2D32FCE
Requests: 39 HTTP requests in this frame

Frame: https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
Frame ID: 48C87B016699A41555BC4430961A9D02
Requests: 3 HTTP requests in this frame

Frame: https://tsheets.intuit.com/ajax?xdm_e=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&xdm_c=default554&xdm_p=4
Frame ID: 045E7DA9EF023E9F9B892CAB90E09422
Requests: 2 HTTP requests in this frame

Frame: https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Frame ID: D5AD5D6F2BE122317142C7640019921D
Requests: 11 HTTP requests in this frame

Frame: https://accounts.intuit.com/ividFrame.html?samesite_support=true
Frame ID: AB35B0C413F6DAF6A490F6B8EE5E8F9D
Requests: 2 HTTP requests in this frame

Frame: https://pf.intuit.com/fp/ls_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Frame ID: BDE29F446A555DD6C33547E0855A355C
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Frame ID: D027FAF341A125B7DA0861F8261757A1
Requests: 2 HTTP requests in this frame

Frame: https://pf.intuit.com/fp/top_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Frame ID: 920BAE2E347EBE3A0AF98A28A5DDBD2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://visit.tsheets.com/ls/click?upn=VPPml9HLNaLmKlPyGG-2FnjS0WtE7OSyvhcUNhUaj7U4WIO2EM6SxO5-2FoiLcG... HTTP 302
    https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ... Page URL
  2. https://tsheets.intuit.com/page/login_oii Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

58
Requests

98 %
HTTPS

31 %
IPv6

9
Domains

16
Subdomains

16
IPs

3
Countries

1517 kB
Transfer

5800 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://visit.tsheets.com/ls/click?upn=VPPml9HLNaLmKlPyGG-2FnjS0WtE7OSyvhcUNhUaj7U4WIO2EM6SxO5-2FoiLcGlXaY0ZgrbWbJykwsPJesG-2BfCEX-2F4g-2BLx-2FET9jS7ZZ6Qesydk6wzPa3kE2CHSrZc7TS5VqbHpJlFRRxqJ0Isp1ejxuP8f61yBDSTAeVRPdHADA6oHOF8mKNdK3D6ur6tGei82fPObA_3YGB4G0VQXKAC69TMXXycaQyEFWR-2BCpduLXxiiRIDJhb3510-2BD5Ym6-2BallisbtpO6T1NQtjmmTJjvHbjIrsCtnUL5JFOQ1bw4-2FRTFTFd1WYTDcXpZru4zX0zixgIrv9FkQkFqaC2r-2B1V-2Byfu2Nub0mfokqrvYPfCyioKtC-2BuO8TvhK9-2BE5PlAUlyg-2FWJGExq3RZXQQvv4DW1ZjMCqnkxmQ-3D-3D HTTP 302
    https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D Page URL
  2. https://tsheets.intuit.com/page/login_oii Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://visit.tsheets.com/ls/click?upn=VPPml9HLNaLmKlPyGG-2FnjS0WtE7OSyvhcUNhUaj7U4WIO2EM6SxO5-2FoiLcGlXaY0ZgrbWbJykwsPJesG-2BfCEX-2F4g-2BLx-2FET9jS7ZZ6Qesydk6wzPa3kE2CHSrZc7TS5VqbHpJlFRRxqJ0Isp1ejxuP8f61yBDSTAeVRPdHADA6oHOF8mKNdK3D6ur6tGei82fPObA_3YGB4G0VQXKAC69TMXXycaQyEFWR-2BCpduLXxiiRIDJhb3510-2BD5Ym6-2BallisbtpO6T1NQtjmmTJjvHbjIrsCtnUL5JFOQ1bw4-2FRTFTFd1WYTDcXpZru4zX0zixgIrv9FkQkFqaC2r-2B1V-2Byfu2Nub0mfokqrvYPfCyioKtC-2BuO8TvhK9-2BE5PlAUlyg-2FWJGExq3RZXQQvv4DW1ZjMCqnkxmQ-3D-3D HTTP 302
  • https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
Request Chain 59
  • https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270B27337&ce=UTF-8&ns=intuitinc&g=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&r=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&cc=USD&c6=D%3Dv6&v6=sign-in-widget-loaded&c9=D%3Dv9&v9=en-us&c11=D%3Dv11&v11=Intuit.qbshared.tsheets&c12=D%3Dv12&c13=D%3Dv13&c14=D%3Dv14&v14=v2-sign-in&c15=D%3Dv15&c16=D%3Dv16&v16=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&c17=D%3Dv17&v17=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&c19=D%3Dv19&v19=tmx_tag_obfuscation_cutover%3Aa&c24=D%3Dv24&v24=globalView%3Dfalse%7CidentifierFirst%3Dtrue%7CknownDevice%3Dfalse%7CtargetAAL%3D20&pe=lnk_o&pev2=sign-in-widget-loaded&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&pccr=true&vidn=30724686DCE5A26A-600014C24FCFAEFA&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270B27337&ce=UTF-8&ns=intuitinc&g=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&r=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&cc=USD&c6=D%3Dv6&v6=sign-in-widget-loaded&c9=D%3Dv9&v9=en-us&c11=D%3Dv11&v11=Intuit.qbshared.tsheets&c12=D%3Dv12&c13=D%3Dv13&c14=D%3Dv14&v14=v2-sign-in&c15=D%3Dv15&c16=D%3Dv16&v16=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&c17=D%3Dv17&v17=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&c19=D%3Dv19&v19=tmx_tag_obfuscation_cutover%3Aa&c24=D%3Dv24&v24=globalView%3Dfalse%7CidentifierFirst%3Dtrue%7CknownDevice%3Dfalse%7CtargetAAL%3D20&pe=lnk_o&pev2=sign-in-widget-loaded&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
tsheets.intuit.com/
Redirect Chain
  • http://visit.tsheets.com/ls/click?upn=VPPml9HLNaLmKlPyGG-2FnjS0WtE7OSyvhcUNhUaj7U4WIO2EM6SxO5-2FoiLcGlXaY0ZgrbWbJykwsPJesG-2BfCEX-2F4g-2BLx-2FET9jS7ZZ6Qesydk6wzPa3kE2CHSrZc7TS5VqbHpJlFRRxqJ0Isp1ejx...
  • https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
87 B
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options Deny

Request headers

Host
tsheets.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:03 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
102
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=300; includeSubDomains
Set-Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; path=/; domain=tsheets.intuit.com; secure; HttpOnly csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643; expires=Thu, 05-Aug-2021 17:04:03 GMT; Max-Age=2592000; path=/; domain=tsheets.intuit.com; secure origin_tid=9607b055-39dd-4939-9f37-24d473a348f5; expires=Tue, 06-Jul-2021 17:09:03 GMT; Max-Age=300; path=/; domain=tsheets.intuit.com; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
private, must-revalidate
Pragma
no-cache
X-Frame-Options
Deny
Content-Encoding
gzip
Vary
Accept-Encoding

Redirect headers

Server
nginx
Date
Tue, 06 Jul 2021 17:04:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
143
Connection
keep-alive
Location
https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
X-Robots-Tag
noindex, nofollow
Primary Request Cookie set login_oii
tsheets.intuit.com/page/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/page/login_oii
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
d251ff14934540b2aa0ec0e0f995d29acf63d933aad3dfd39142ee44974c9633
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options Deny

Request headers

Host
tsheets.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643; origin_tid=9607b055-39dd-4939-9f37-24d473a348f5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tsheets.intuit.com/?show=~YWRkb25fdGltZV9vZmZfcmVxdWVzdHN%2BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%3D%3D

Response headers

Date
Tue, 06 Jul 2021 17:04:04 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4850
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=300; includeSubDomains
Set-Cookie
origin_tid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=tsheets.intuit.com; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
private, must-revalidate
Pragma
no-cache
X-Frame-Options
Deny
Content-Encoding
gzip
Vary
Accept-Encoding
css.php
tsheets.intuit.com/ 		143 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/css.php
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
6ca5261e218c1c1da066c474ae34a1db2530819badfbd7b79c7e8dfd998e7b20
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tsheets.intuit.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:04 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=300; includeSubDomains
Expires
Wed, 06 Jul 2022 23:44:04 GMT
js.php
tsheets.intuit.com/ 		2 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/js.php
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
dc1f3b3ac25b2732d747751af350c82bbe5a23506db735befebdebeb3ea64806
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tsheets.intuit.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:04 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=300; includeSubDomains
Expires
Wed, 06 Jul 2022 23:44:04 GMT
ts_message_box.css
tsheets.intuit.com/css/ 		930 B
733 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/css/ts_message_box.css
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
b457b7c1a4a75dc8ff285dec03390f728ce41ee54ba4f4736cd61a18785770ee
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tsheets.intuit.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jul 2021 19:59:27 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Strict-Transport-Security
max-age=300; includeSubDomains
Accept-Ranges
bytes
Content-Length
363
Expires
Wed, 06 Jul 2022 23:44:04 GMT
babel-polyfill-6.26.0.min.js
tsheets.intuit.com/include/js/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/include/js/babel-polyfill-6.26.0.min.js
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tsheets.intuit.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jul 2021 19:59:28 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Strict-Transport-Security
max-age=300; includeSubDomains
Accept-Ranges
bytes
Content-Length
34738
Expires
Wed, 06 Jul 2022 23:44:04 GMT
ius-core.js
accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ 		751 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6cae8a0d2f9d1d465fc38ded4c383dbfdb5ac598b44a5464c933bb79f683cc67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qBz8f9xfllMus5rOmafmG.86evHrGPrW
content-encoding
gzip
etag
"bc0e08a7ca5275f2117faefc87f484b8"
x-amz-meta-module
identity-authn-core-ui
x-akamai-pragma-client-ip
2.16.187.53, 18.196.119.136
x-amz-request-id
8XW5QD3CENZHGQ1D
x-amz-meta-version
1.162.2
x-amz-storage-class
INTELLIGENT_TIERING
access-control-max-age
86400
x-amz-meta-type
plugin
content-length
214038
x-amz-id-2
NNEI2jmtPpeT7p7kVKJqIt40R/5I+EE72Pc1egsv2YNg4oVDvhnYwgFTZms132gyBxOUuLtKzlw=
pragma
no-cache
last-modified
Wed, 30 Jun 2021 16:09:20 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:04 GMT
x-serial
420
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=0, no-cache
x-amz-meta-slug
identity-authn-core-ui/1.162.2
x-akamai-ssl-client-sid
vRYZEO3IBd3WwLnVuhk25g==
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
expires
Tue, 06 Jul 2021 17:04:04 GMT
widgets
accounts.intuit.com/configuration/ 		150 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/configuration/widgets?offering_id=Intuit.qbshared.tsheets
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5d406ef498045a52244d272e3a87b6fa312483ffa081f3f740bd8754e6a7597b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 17:04:05 GMT
server
nginx
vary
*
content-type
text/plain;charset=ISO-8859-1
cache-control
max-age=0, no-cache, no-store
content-length
150
expires
Tue, 06 Jul 2021 17:04:05 GMT
di.js
cdn.decibelinsight.net/i/13878/264967/ 		170 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.decibelinsight.net/i/13878/264967/di.js
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-15.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a075f1a76af84bb76fd94a195b54d5e7d02fd9a18089a0d837cbdc1896bc2357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 16:08:01 GMT
content-encoding
gzip
age
3364
x-cache
Hit from cloudfront
server
nginx
etag
W/000063641-17A7C9387EA
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
private, max-age=7200
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id
Nb74lWZQgG7vyjXA-qRfDmvFWUkMC7w6MAU8kGYD5CnVQkdJbgpPdg==
ius-base-reset-9aff3505.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-reset-9aff3505.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f17cf3404331cf4142f97dedeaabe99a1d8cd894abee2f102cc25e431f826fad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZcZczhvgxzZeekQDAS4K8p6lzi6dH_EQ
content-encoding
gzip
etag
"6c7d6b50bd5594f3480be0d786e4472f"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
MVNGHYQ4VDXWAKA7
x-amz-meta-version
1.159.1-apr.1410.b.2
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
4148
x-amz-id-2
vudhZSF1p89Hn2eYqAptaeY7YbO+Hss7OZeyB8wcU7EAO1/NxSBa6wwuThyqCD6p1iohP9dl0jI=
last-modified
Thu, 24 Jun 2021 22:43:24 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.2
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-base-e51b3b3c.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		251 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-e51b3b3c.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6250cfb70ff4c463bea4ba23dd7f089b489945e468b5ca91ee9447df0a768a19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dio3hYxLifpVsf9sMngVyR3y109qD8T1
content-encoding
gzip
etag
"18aa08c13aee23f09a5f905432d424d7"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
SF0BA7129GSTK6PS
x-amz-meta-version
1.159.2-apr.1393.b.14
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
x-amz-id-2
KWzYtGy/zefkPZU6KzVhSZ5Mc7sbtTJexGtt114v8POa+ASxxfY9ehmSHCJBxb3EBH3xqejnHrM=
last-modified
Thu, 24 Jun 2021 22:56:31 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.2-apr.1393.b.14
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-widget-header-footer-8a46572d.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-8a46572d.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1b9d7193ef73e6d9b8724e30b3962afab7277c4fe7bb72c2f20429adf656a00b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mexL4tr_lvm5TSx7c9SY4Fh.X.6EUwnu
content-encoding
gzip
etag
"6f00339cb6e6f49d070ead06cc3509c9"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
MVNK8M6XMPJET7H3
x-amz-meta-version
1.159.1-apr.1410.b.2
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
2404
x-amz-id-2
7JIOw3xPYEVN91ZKxs0zeJdoxDVF+xgl5k9FXFyu3ATggigwGzZoPK8NEmsaopjXdr8PutH6NPw=
last-modified
Thu, 24 Jun 2021 22:43:25 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.2
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
xdr.html
accounts.intuit.com/ Frame 48C8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1b9eee5ddb201ea4ef89ffb26b836696b04f779ee832fa6cd6c0179b8ce6f673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.intuit.com
:scheme
https
:path
/xdr.html?v2=true&corsEnabled&tests=ius_session
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html;charset=UTF-8
server
nginx
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache no-store
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noimageindex, notranslate
content-language
en-US
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 06 Jul 2021 17:04:05 GMT
content-length
1851
set-cookie
ius_session=03CCE676B38D42E9AC81FEB4F476F9E8; Domain=intuit.com; Path=/; Secure
ius-style-canary-8c85b6bb.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-style-canary-8c85b6bb.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ff9e3600a8ffbb66ddd3da50be38f2d87bbdd89e06936a5b5e677c06f57238db

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eeTj73FKVeOSyXdqVdza.gPG0ppuqXS5
content-encoding
gzip
etag
"dc7361ee4529f75ff58839203d9352d6"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
XXQY23VP1ZHXR6XS
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
1847
x-amz-id-2
aQE8R7X3UJbsixAlKd5TI1+Nhe7NZbqt49yJs1FktiPxUgdc/ZEt2HtT6ZlQN6PDuSrWPxkQSE8=
last-modified
Thu, 24 Jun 2021 22:19:31 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-hostedui-base-ecosystem-d56c3fa8.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-hostedui-base-ecosystem-d56c3fa8.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1fc96431d628ef309a88d59ab494875c55c5f3733d08ac37e75623fbc4a337d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NfngL1i2BYB4RjMxzcN9w0vWp_JCMVf.
content-encoding
gzip
etag
"a43913b30f3bf6666412d210b07a4844"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
XHR96092P95DHXH1
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
6865
x-amz-id-2
IpTxaUYNA66FHroD3Wwfpy442piOYoa4HyBpxbH0ejvWWLEUs+wQjRSECsnw0EkYEuB4CAz6oas=
last-modified
Thu, 24 Jun 2021 22:19:30 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-base-theme-intuit-ecosystem-f4cbadec.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-theme-intuit-ecosystem-f4cbadec.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7d8b56c84b1110d18df5f0514be0300330085dc2c4b9257ec1a8423f0ba6736a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5jgZAzj.1ajMo4P76U1fS_L159os8X1l
content-encoding
gzip
etag
"8c6cc3976dcf928b0d8cc071471e8c6c"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
XHR7T6RJFHFF8E7B
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
12021
x-amz-id-2
utBfiOLaj5zpSpqC+P82WRsKoZtzvVN9jqFBh+dY7b9EgnQ2F0guuxkbyIoTYJt2MOdcQuXl6vA=
last-modified
Thu, 24 Jun 2021 22:19:29 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-base-widget-header-footer-intuit-ecosystem-e954e241.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		64 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-widget-header-footer-intuit-ecosystem-e954e241.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9f2baa7e80d21eadaae94a2d6ac66c139b5f93230ee5d559f6ef9520283ec868

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Va7hOJCJGVdaoEhVivVz2xXssqdk1N70
content-encoding
gzip
etag
"befb3d4b71958b474275679d8f1856b2"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
AD6FWN3TGGQXRCF9
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
25413
x-amz-id-2
c4756x0X9ThGSmwCL7+UtoxSwGWFJVvTTN5/shVo2Yua3lHBr1e1fNbUcNDXEHxlfPxnprrk4Fc=
last-modified
Thu, 24 Jun 2021 22:19:29 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-widget-header-footer-intuit-ecosystem-default-fa44371c.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-intuit-ecosystem-default-fa44371c.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
785b96448e3c19cb9f0015fd3379718159c8fbcc31e8a47c111688c8f52f9f6c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MolCqMzXtlno04l0_7dn8py.SWv3tyoT
content-encoding
gzip
etag
"fb511a10507806a9a21924adcd40269d"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
AD67REVRD9D34F5S
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
1986
x-amz-id-2
WFSjc6SH0Q9eC2lAzVPfhCA0YPRfktW1o+xyfNSZ0EQdGVj2s7Ny9JFhX+n2oTld2Cx85M3kakw=
last-modified
Thu, 24 Jun 2021 22:19:31 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:05 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
common-v1.6.10.css
buildassets.tsheets.com/tsheets-frontend-library-common/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buildassets.tsheets.com/tsheets-frontend-library-common/common-v1.6.10.css
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/js.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:8:5d53:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c780bb4a8c5bae139b5fd19171ceb234e7f25bd6dba6d7afead96cce5fecf2e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:47:03 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:23:35 GMT
server
AmazonS3
age
40623
etag
W/"b6be5554111b68e58fb818f5149b4af5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wUg-c1XFtcDQ_JX4qTvcPAo9n3-phpVdvZ0GXtsqObCoaYuVJekIyw==
common-v1.6.10.js
buildassets.tsheets.com/tsheets-frontend-library-common/ 		688 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buildassets.tsheets.com/tsheets-frontend-library-common/common-v1.6.10.js
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/js.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:8:5d53:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c550b8ec11638f35123bb8c0d85029aef9043e6577d6bf4f9625d95697f539c4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 23:23:04 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:23:35 GMT
server
AmazonS3
age
63662
etag
W/"a0e654ab23a3f8fcdc8be40d6cf2a3d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qQq-3I-JbKtIrsSoq8PbnkSbQfAlRKVgaDUYmXHhwTFSVhrwxeoBiw==
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
oii-v2.41.0.js
buildassets.tsheets.com/tsheets-frontend-app-oii/ 		463 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buildassets.tsheets.com/tsheets-frontend-app-oii/oii-v2.41.0.js
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/js.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:8:5d53:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16d3ed349b984e936be3a908f6ac4ae78d70a1f057a6c9bb51c4a263a109361a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 13:08:29 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 00:01:29 GMT
server
AmazonS3
age
186937
etag
"5eb7103689d43b8011d27e57b28914e6"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, immutable, max-age=259200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
136954
x-amz-cf-id
IqEZNmuG2s_TulJQQPp-BjIEoIARYIHhjY0HG8N19F6bczFto_LDMw==
ClearSans-Regular.woff
tsheets.intuit.com/include/fonts/ 		128 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/include/fonts/ClearSans-Regular.woff
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/css.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://tsheets.intuit.com
Accept-Encoding
gzip, deflate, br
Host
tsheets.intuit.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://tsheets.intuit.com/css.php
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Connection
keep-alive
Origin
https://tsheets.intuit.com
Referer
https://tsheets.intuit.com/css.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:05 GMT
Last-Modified
Fri, 02 Jul 2021 19:59:28 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=300; includeSubDomains
Content-Type
application/font-woff
Cache-Control
public
Accept-Ranges
bytes
Content-Length
130846
Expires
Tue, 06 Jul 2021 17:04:10 GMT
ajax
tsheets.intuit.com/ Frame 045E 		59 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/ajax?xdm_e=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&xdm_c=default554&xdm_p=4
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/js.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
d8ef933f6d5e383b20e118da4e7cccd51a03e7b2405d03cf616a9d58a65d18b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.intuit.com *.tsheets.com *.tsheets-dev.com
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Host
tsheets.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=300; includeSubDomains
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
private, must-revalidate
Pragma
no-cache
Content-Security-Policy
frame-ancestors *.intuit.com *.tsheets.com *.tsheets-dev.com
Content-Encoding
gzip
Vary
Accept-Encoding
ius.xdr.min.js
accounts.intuit.com/scripts/ Frame 48C8 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/scripts/ius.xdr.min.js?v=1.70.0.356
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
60d119357a6569748336a4b86f35eaa287d4b6bc507b6c583425e12a35c3c04a

Request headers

Referer
https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
content-encoding
gzip
last-modified
Tue, 06 Jul 2021 12:29:39 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=162642
accept-ranges
bytes
content-length
40717
expires
Thu, 08 Jul 2021 14:14:48 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: buildassets.tsheets.com
URL: https://buildassets.tsheets.com/tsheets-frontend-app-oii/oii-v2.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5901
date
Tue, 06 Jul 2021 15:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 06 Jul 2021 17:25:45 GMT
Cookie set tags
pf.intuit.com/fp/ Frame D5AD 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
7f0c2763b1b34efa49ebb419e3a878339809639fff966b04f8d11eb6292890f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' https://*.online-metrix.net ; script-src 'self' 'unsafe-inline' https://*.online-metrix.net ; style-src 'self' 'unsafe-inline'; img-src 'self' https://*.online-metrix.net; connect-src 'self' wss://127.0.0.1:*; worker-src blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
pf.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://accounts.intuit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ius_session=03CCE676B38D42E9AC81FEB4F476F9E8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://accounts.intuit.com/

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'self'; frame-src 'self' https://*.online-metrix.net ; script-src 'self' 'unsafe-inline' https://*.online-metrix.net ; style-src 'self' 'unsafe-inline'; img-src 'self' https://*.online-metrix.net; connect-src 'self' wss://127.0.0.1:*; worker-src blob:
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
thx_guid=019d7d8f5fbb4307aaae3b68ea601fbe; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P
CP=IVAa PSAa
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
676
Keep-Alive
timeout=2, max=100
ividFrame.html
accounts.intuit.com/ Frame AB35 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/ividFrame.html?samesite_support=true
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d2ab7896bc22a031f1e00b88e6c3980831256606bc1d46801944944e24f4719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.intuit.com
:scheme
https
:path
/ividFrame.html?samesite_support=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ius_session=03CCE676B38D42E9AC81FEB4F476F9E8; ivid_b=25f5832f-ebe2-4996-9592-a0e4b98de055; websdk_swiper_flags=first_sc_hit%2Cwait_for_sc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html;charset=UTF-8
server
nginx
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache no-store
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noimageindex, notranslate
content-language
en-US
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 06 Jul 2021 17:04:06 GMT
content-length
1471
set-cookie
ivid=901ad6b3-00ab-4c41-a029-fe595a1530d5; path=/; domain=intuit.com; max-age=157680000; secure; samesite=none ivid_b=25f5832f-ebe2-4996-9592-a0e4b98de055; path=/; domain=intuit.com; max-age=157680000; secure; samesite=none
ius-account-recovery-widget~ius-email-confirmation-widget~ius-idp-consent-flow-widget~ius-sign-in-wi~5c14c9bc-471f73da.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-account-recovery-widget~ius-email-confirmation-widget~ius-idp-consent-flow-widget~ius-sign-in-wi~5c14c9bc-471f73da.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fab1f3f5afc35c2d8d2f952a9756a0e8d03801148561e74555bf7d026d5f4cf3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TE8KR0hVGMTGhI9LTT4NFOZHtWYgW7yM
content-encoding
gzip
etag
"804c37a8fff4c121ff45924289810c78"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
GR3A3GTJSRP4SG08
x-amz-meta-version
1.160.1-apr.1401.b.4
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
4860
x-amz-id-2
Bz+FnOOXhTDa06Iex5yI74kfV8KE5HsQZd5bYrJqFRNi4UQkL6VtqMshWBLwUmjrIQCxl1Xy7TA=
last-modified
Fri, 25 Jun 2021 02:52:58 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:06 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.160.1-apr.1401.b.4
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-sign-in-widget-c64220eb.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		305 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-sign-in-widget-c64220eb.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ac20ed6a321d03f2709446eee7e081c5c9dd3844e1f8df595f888283b3185907

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2Z5ORFjUBSiQp.tLKAW4TTjsTTYLSySK
content-encoding
gzip
etag
"8abd36e104a5addd93c9073d1a7da3ba"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
GR3D3Q0EV6P2Z7EG
x-amz-meta-version
1.160.1-apr.1401.b.4
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
x-amz-id-2
YY0AF5Ps7YJffKVgkxAVKnZZZaZc0qcSuZcridLSb3ZCn53I+oRTAXX6+ptliSKh2/t6mhGNt/s=
last-modified
Fri, 25 Jun 2021 02:52:59 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:06 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.160.1-apr.1401.b.4
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-sign-in-layout-1e99092a.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-sign-in-layout-1e99092a.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0e68a4e49cffc89f8affcd1213dcf5bf379f016599e34465ba81c4bd9ecb43c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6muKIra8DgiFEa01dVIlGC_61xOZoW7v
content-encoding
gzip
etag
"500f9d317ab73333e598b2c8e4eab0b7"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
2K6FEC7RKJ0HAVD8
x-amz-meta-version
1.159.1-apr.1410.b.2
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
2831
x-amz-id-2
TbB2ay9cCP6j9YXW0DeD86gP/PBs1AHxSj/9R3IIby9k0ZfgV5WDQQao3X51g0Du2bAwMgZqhgo=
last-modified
Thu, 24 Jun 2021 22:43:25 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:06 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.2
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
ius-sign-in-theme-f86c1203.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-sign-in-theme-f86c1203.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ac60a533b77b9c17f5c039ac84326ceb2890a3fe53166a1cb6de7fe7628032f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PbwhzqcTjo3m7cCuT2SRL8nGMvvnikij
content-encoding
gzip
etag
"51891a471493a82625d6f979bf4ecb0d"
x-check-cacheable
YES
x-akamai-pragma-client-ip
10.20.243.45, 52.47.138.207
x-amz-request-id
F3AYXZHM4BS18TRS
x-amz-meta-version
1.159.1-apr.1410.b.1
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-module
identity-authn-core-ui
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
1997
x-amz-id-2
zPw+2OeqU5Bcvj8GeHi6/nNfAnNFRxboNLj3g4RDqVM6vtyJKb1aKeLeevqaiXI/ko8WpZwhtQs=
last-modified
Thu, 24 Jun 2021 22:19:30 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:06 GMT
x-serial
4047
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.159.1-apr.1410.b.1
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
publisher:getClientId
ampcid.google.com/v1/ 		74 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tsheets.intuit.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
ajax
tsheets.intuit.com/ Frame 045E 		111 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tsheets.intuit.com/ajax
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/ajax?xdm_e=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&xdm_c=default554&xdm_p=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.81.9.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-9-204.us-west-2.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
39e0c9c782944cb26ff4894ec622713bfc35ab7b54949089258453194f2b5fa2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.intuit.com *.tsheets.com *.tsheets-dev.com
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Origin
https://tsheets.intuit.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
SESSION_ID=S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5; csrfv2=l33vBiHXwuvT.2LDQACh3JEHN.1625594643; ius_session=03CCE676B38D42E9AC81FEB4F476F9E8; ivid_b=25f5832f-ebe2-4996-9592-a0e4b98de055; websdk_swiper_flags=first_sc_hit%2Cwait_for_sc; AMP_TOKEN=%24RETRIEVING
Connection
keep-alive
X-CSRF
l33vBiHXwuvT.2LDQACh3JEHN.1625594643
Content-Length
147
Pragma
no-cache
Method
POST https://tsheets.intuit.com/ajax HTTP/1.1
Host
tsheets.intuit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://tsheets.intuit.com/ajax?xdm_e=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&xdm_c=default554&xdm_p=4
Sec-Fetch-Site
same-origin
Referer
https://tsheets.intuit.com/ajax?xdm_e=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&xdm_c=default554&xdm_p=4
Method
POST https://tsheets.intuit.com/ajax HTTP/1.1
X-CSRF
l33vBiHXwuvT.2LDQACh3JEHN.1625594643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
private, must-revalidate
Content-Security-Policy
frame-ancestors *.intuit.com *.tsheets.com *.tsheets-dev.com
Strict-Transport-Security
max-age=300; includeSubDomains
Content-Length
111
Expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1be7216236e82280d0e3f4fdf5040971e8307343082d91dc3886e387771f9285

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
avenir-400.woff2
lib.intuitcdn.net/fonts/AvenirNext/1.0/en/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lib.intuitcdn.net/fonts/AvenirNext/1.0/en/avenir-400.woff2
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.134.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-134-81.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c8278b56794c389919d388951c5fa4dc07a388e16eb7055d675b0b916acc70e5

Request headers

Origin
https://tsheets.intuit.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
OPFtBDNalSyCWO.bICfmOdfRCPsnPceN
last-modified
Thu, 29 Apr 2021 20:42:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"90295f3e1a1560ea86e77cb757adba59"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
date
Tue, 06 Jul 2021 17:04:06 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, DNT
content-length
8728
x-amz-cf-id
qrfy0cxSdoMAROdI_IwxDZrZJ9EIhs8lSJkBbNHYzz9qHEzdd12vVg==
ius-mfa-widget-35de6c69.js
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 		125 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-mfa-widget-35de6c69.js
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.250.224 Aubervilliers, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-250-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b30eaa4a59b9dfbd4a7713a0db892731fe7ba63830ea448835da2ab0ecf476d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zd91C.KeKpPCLEk37fit2We2EGmolHB7
content-encoding
gzip
etag
"61cb26510941865e6651848bc9edf03d"
x-amz-meta-module
identity-authn-core-ui
x-amz-request-id
Z0AZTGKQ081VA8BM
x-amz-meta-version
1.160.1-apr.1401.b.4
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-type
plugin
vary
Accept-Encoding
content-length
31003
x-amz-id-2
CuL/PfX4QSnUs8fh9JpqdSEFar7jyu/AquoGTU4hWwnqJnphGKpI8hU6zOFNm+/fWDefBf7cQp4=
last-modified
Fri, 25 Jun 2021 02:52:59 GMT
server
AmazonS3
date
Tue, 06 Jul 2021 17:04:06 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926, immutable
x-amz-meta-slug
identity-authn-core-ui/1.160.1-apr.1401.b.4
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-id
identity-authn-core-ui
access-control-allow-credentials
false
fe_logger
accounts.intuit.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/fe_logger?context=%7B%22offeringId%22%3A%22Intuit.qbshared.tsheets%22%2C%22releaseVersion%22%3A%221.162.2%22%2C%22usesEnsighten%22%3Afalse%2C%22usesTealium%22%3Afalse%2C%22browser%22%3A%22Chrome%2089%22%2C%22caller%22%3A%22coreui%22%2C%22type%22%3A%22default%22%2C%22tests%22%3A%22tmx_tag_obfuscation_cutover%3Aa%22%7D&logs=%5B%7B%22message%22%3A%22time%3D198%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_download_time%22%2C%22level%22%3A%22INFO%22%7D%2C%7B%22message%22%3A%22time%3D1979%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_navigation_to_first_paint_time%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%2C%7B%22message%22%3A%22time%3D1593%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_download_to_first_paint_time%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%2C%7B%22message%22%3A%22nonhosted%20%20ius_nav_start_to_render_time%3D1979%20connection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%20ius_all_cookies_size%3D207%20cp_setup%3D1921%2Ccp_chunksStart%3D1926%2Ccp_chunksDone%3D1970%2Ccp_v2Setup%3D1973%2Ccp_init%3D1974%20%20ius_core_js_download_time%3D198%20ius_internal_time_to_interact%3D54%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%2C%7B%22message%22%3A%22time%3D1994%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_navigation_to_interactive_time%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%2C%7B%22message%22%3A%22time%3D1608%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_download_to_interactive_time%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%5D&callback=jsonp_1625591046217_87633
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
server
nginx
intuit_tid
4848f467-5e6d-4a9b-a19f-6bd7fb6aac7f
content-length
0
content-type
application/json;charset=ISO-8859-1
publisher:getClientId
ampcid.google.de/v1/ 		3 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tsheets.intuit.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
truncated
/ 		615 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d263be0a8e7a793360e69d0d799493552b80192f13bbe9edb0021f2732f0f00c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		679 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc51286b2e25cd77fe6bf4fe18cbc14d68bfd1518fd55d2535357a63818f4d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
avenir-700.woff2
lib.intuitcdn.net/fonts/AvenirNext/1.0/en/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lib.intuitcdn.net/fonts/AvenirNext/1.0/en/avenir-700.woff2
Requested by
Host: tsheets.intuit.com
URL: https://tsheets.intuit.com/page/login_oii
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.134.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-134-81.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f76664b1313cdfbbf1aeddd340deb2f070ff993bda8bba26395da7a8af6af6fd

Request headers

Origin
https://tsheets.intuit.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
GOZL0ttmTHJ9_x85IqGbIZ6IDhIMotAv
last-modified
Sun, 02 May 2021 02:19:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"084683345d2181ed6e752a2d70eacf04"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
date
Tue, 06 Jul 2021 17:04:06 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, DNT
content-length
9148
x-amz-cf-id
rS8DyEolBR8Z7BkHYjJnhir_ux85MwS53vA6fEHmq9P220d6Kk01AQ==
js
www.google-analytics.com/gtm/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WTF6H96&cid=278640807.1625591046
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ffa3aac51a6269b294f0ad5c8222c274475637e54916ab6e8714ee9f48922cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36392
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jul 2021 17:04:06 GMT
check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
pf.intuit.com/fp/ Frame D5AD 		232 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
8c7f7da38738d2d88a2482cdeae481930c15df61a70f66ba460c46ba4192979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
393b18bb2672a089
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
pf.intuit.com/fp/ Frame D5AD 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pf.intuit.com/fp/clear.png?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&ck=0&m=2
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
pf.intuit.com/fp/ Frame D5AD 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pf.intuit.com/fp/clear.png?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&w=393b18bb2672a089&ck=0&m=1
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oii-ivid-perisistence.js
accounts.intuit.com/scripts/ Frame AB35 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/scripts/oii-ivid-perisistence.js?v=1.17
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/ividFrame.html?samesite_support=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
366650bf66f8b1a3f31275e0a093fd3182a4fadcebfe4301c8ba8e8f63369160

Request headers

Referer
https://accounts.intuit.com/ividFrame.html?samesite_support=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:06 GMT
content-encoding
gzip
x-check-cacheable
YES
x-serial
1604
x-akamai-pragma-client-ip
2.16.187.53, 18.196.119.136
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=99115
last-modified
Fri, 02 Jul 2021 13:42:59 GMT
accept-ranges
bytes
content-length
4859
server
nginx
expires
Wed, 07 Jul 2021 20:36:01 GMT
c.json
collection.decibelinsight.net/i/13878/264967/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collection.decibelinsight.net/i/13878/264967/c.json
Requested by
Host: cdn.decibelinsight.net
URL: https://cdn.decibelinsight.net/i/13878/264967/di.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.152.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-152-125.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f3cbe724eeaa071cf5a0e197fc9faf9b80a456f92824da12854cd18ce99b5daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://tsheets.intuit.com
Cache-Control
private, max-age=31537800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
clear.png
pf.intuit.com/fp/ Frame D5AD 		81 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/clear.png
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, v60nf4oj/393b18bb2672a08903cce676b38d42e9ac81feb4f476f9e8
Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Last-Modified
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Etag
787c35d87e4048378dde223bd2ac7396
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
Expires
Sun, 05 Jul 2026 17:04:06 GMT
ls_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
pf.intuit.com/fp/ Frame BDE2 		82 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/ls_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
36c15fde583b2d92e23437b205233b14f8a3ccaea7c06ec6edf96e21752e4156
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
pf.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ius_session=03CCE676B38D42E9AC81FEB4F476F9E8; ivid_b=25f5832f-ebe2-4996-9592-a0e4b98de055; websdk_swiper_flags=first_sc_hit%2Cwait_for_sc; thx_guid=019d7d8f5fbb4307aaae3b68ea601fbe; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.278640807.1625591046; _gid=GA1.2.639445125.1625591046; ivid=901ad6b3-00ab-4c41-a029-fe595a1530d5; da_sid=2E0D27118E32AE9D06D3AA134E2ABEF35D|4|0|0; da_lid=1D3E14229A72EA069382BB990C28F4F8EE|0|0|0; da_intState=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=98
Transfer-Encoding
chunked
sid_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
h.online-metrix.net/fp/ Frame D027 		95 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
6f8f98e94e62be9caa8b7e6f99fe6dfc95a9409f3fea0a3c35b46c6636d6cf33
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
h.online-metrix.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pf.intuit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pf.intuit.com/

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=100
Transfer-Encoding
chunked
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame D5AD 		0
0
top_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
pf.intuit.com/fp/ Frame 920B 		82 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/top_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
b919bb5233413acf570b0e5846b40e4c91ec6723ed886332aa0873828785da3d
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
pf.intuit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ius_session=03CCE676B38D42E9AC81FEB4F476F9E8; ivid_b=25f5832f-ebe2-4996-9592-a0e4b98de055; websdk_swiper_flags=first_sc_hit%2Cwait_for_sc; thx_guid=019d7d8f5fbb4307aaae3b68ea601fbe; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.278640807.1625591046; _gid=GA1.2.639445125.1625591046; ivid=901ad6b3-00ab-4c41-a029-fe595a1530d5; da_sid=2E0D27118E32AE9D06D3AA134E2ABEF35D|4|0|0; da_lid=1D3E14229A72EA069382BB990C28F4F8EE|0|0|0; da_intState=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
pf.intuit.com/fp/ Frame D5AD 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/clear.png?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&ja=3737302426613f343224723d3632266e3d333e3032783332323024636435313e30327a3332323224717a713d307a302e64727a3d332c333632302e3330383024313432322c333032322e3b30302e313d302e393632302e313030322e3224302e7361663f3236246e6a3f60747472732d33432d324425304672662c6b6c7c7561742c616d6d27304464722d324676616f73273b4668732733463127303467726f5f6b662733467434326c6e346f68253a36716d7371696d6e5d696627314c303b43414734373440313a463c32453b414b38334e45403444343536443b4730253a36726365655d6b6627314c322530367861656d6966253144302666703f60747c707127314127304427304e6163616f7d6e767b2e6b6e76756b742c616d65253a46246a6a3d34676736346c613732643034676b3563363a3264333260353e3438323a313b632468716d3f44696e77782e6a716a3d4168706f6f6527303230392e6a716d773d4e6b6c777a2e6e68613d39322466646f3d3a26767a663f477d726770672730464067706e6b66266d637460723f3c3032336631613260676138326d366161373632323a30636c313537343831646c3437383a31363166346769613a3466613b3463646066353a333131313136632e703f706e7565696c5d6464617b685c64636c716723726e7d67696c5f7f696c6c6f75735d6d67646b635d786c697967705c66636e716723786c756569665f636c6f60655d6161726d60637c5e6e616e716721726e77656b665f7177696b6b76616d675e64616e7367237264756f696c5d71686d616975637e655e646164736729706e7565696c5f706763647064617b67705e64636e716729706c7767616e5d7e6c615f726c637967705c6e6164736723726c77656b6c5d6c6576636c7e725c6e616e736721726c77656b665f7b76655d7469677567705c6e616c716529706e7d676b6e5d6a6376635c64696c7b6524677a333f613a36643c376435363163603b3763333663303067306631316e6635313a3432616335323d613461266b63663531&jb=313731246c733f4f6d78616c6c63253a463726302732322855696c666d7f732d32324c5625303233322c38253340253a3055616e34342733402530327a3e34212530324370726e6755676a4b6976253a46373b372c33342530302a494a5c4d442530412732326e6b69672d323045656b6b6d212530304168706f6f67273a4630392c322c34313a3b2c353a253232536966637a692732443531372c3134
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
v60nf4ojgozfikjruysq6kvxzf4py63b3zpewwp2393b18bb2672a089am1.e.aa.online-metrix.net/fp/ Frame D5AD 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v60nf4ojgozfikjruysq6kvxzf4py63b3zpewwp2393b18bb2672a089am1.e.aa.online-metrix.net/fp/clear.png?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
pf.intuit.com/fp/ Frame D5AD 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pf.intuit.com/fp/clear1.png;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&jf=34333424736b665d706c6c3d7466725737334e67666874646a425661463e4f5226716b665f666376673f39363237353131323c3624736b645d747b726735776d6238676164716324716b6c5f6b67793533323d3931303333323632353069383e343a61673366323032333836303a326938343c386165316432333233323f303b3430323230363b3134356a353934356e38633f61616464303465603a346b666b31603b32353264353a303b613930333f30616b613b6361363137663b676d383b623331613864633b363b6b34303a333938303e66673134383b383633663a653d6560603a6335643b63306a653730346d35366961663737623b626066666b393a31606136313a24716b66577369653d3b30363d30303232363a346066353b6469386632333260313a303b6e363032363964613a3161366666646567663239623e62643a61616131643b606b333130393032373b306739673030323332326d303e3260333a353a643037676a36363a366b39333d323234313863363b633b6c363c3030643664363034313b3b3264616539653b316336643b3435353236302e736166703f32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=B67975EB86E5D3C0EAE6B71C0B620100
h.online-metrix.net/fp/ Frame D027 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=B67975EB86E5D3C0EAE6B71C0B620100?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=1&jf=34333624736b665d706c6c3d746672574a635f664455465965544669563d545e26716b665f666376673f39363237353131323c3624736b645d747b726735776d6238676164716324716b6c5f6b67793533323d3931303333323632353069383e343a61673366323032333836303a326938343c386165316432333233323f303b343032323036353561356a323266303861363c393064636632343b633339303d646337323466373b34373934343b333034376c343734616130306730333a326c633637366467603434376b62333b623036333d303633613331653163663a313b6535666766323a3a673a3b31353b626a3967393061376337636333663331346a31376735613124716b66577369653d3b30363c303032323063616463316b313c62343a646437633a3b6131663460623b39356a6564356339673532353b3c636a66673764626337373b6338316566633d63673b3933323b30303232333a3d336b303061343633336464363c396130616b38613e623b643a3934323460376d3638653532303931376737643e613764626c6137693760343036676363247161667a3d33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
pf.intuit.com/fp/ Frame D5AD 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/clear.png?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&jac=1&je=313537242675676070766b5f657a746d726c696c5d69723d3a322c33323a2e39382c33333424756b6f3f7f656270746b5f6b667467726c616e5f6f666c7b26786d3f6c6d266063767176357b226e657e656e2a3a332e32302e227176637c757b22382061686370656b6c6f227d24617d646a3563676660616734353a343f376e3030646062663b3531343937363b326c6266316334343730606637343639363e396760676633373b37636a373437613a31333f
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jul 2021 17:04:07 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear3.png;CIS3SID=828AD83B72ECB5F00918389055ECB6F7
pf.intuit.com/fp/ Frame D5AD 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pf.intuit.com/fp/clear3.png;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2&jac=1&je=31333724266a60663f387f645f333a6b685d383a72715d3038706b5d32326c695f33386e6e5d3338726157303a726857303865695d3138736e5f3238617f5f393a71745d3137322e333038302c333638302e3b30322c322c322c322e333e30382c333032302e3334323224313232302432362432362c33
Requested by
Host: pf.intuit.com
URL: https://pf.intuit.com/fp/check.js;CIS3SID=828AD83B72ECB5F00918389055ECB6F7?org_id=v60nf4oj&session_id=03cce676b38d42e9ac81feb4f476f9e8&nonce=393b18bb2672a089&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.92 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pf.intuit.com/fp/tags?js=1&org_id=v60nf4oj&session_id=03CCE676B38D42E9AC81FEB4F476F9E8&page_id=2&pageid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 17:04:07 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
ius_did
accounts.intuit.com/ Frame 48C8 		115 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/ius_did?a2=true
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/scripts/ius.xdr.min.js?v=1.70.0.356
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
28e36810b0515d41ba609750a7deb44c33c4e9cf5e12dc18c4a51a6f2d0cf6e5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://accounts.intuit.com/xdr.html?v2=true&corsEnabled&tests=ius_session
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 17:04:07 GMT
server
nginx
intuit_tid
cf7a9518-e9e4-40a2-9978-fcd7537335b2
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store
content-length
115
expires
Thu, 01 Jan 1970 00:00:00 GMT
fe_logger
accounts.intuit.com/ 		0
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/fe_logger?context=%7B%22offeringId%22%3A%22Intuit.qbshared.tsheets%22%2C%22releaseVersion%22%3A%221.162.2%22%2C%22usesEnsighten%22%3Afalse%2C%22usesTealium%22%3Afalse%2C%22browser%22%3A%22Chrome%2089%22%2C%22caller%22%3A%22coreui%22%2C%22type%22%3A%22default%22%2C%22tests%22%3A%22tmx_tag_obfuscation_cutover%3Aa%22%7D&logs=%5B%7B%22message%22%3A%22time%3D1539%2Cpreloaded%3Dfalse%2Cconnection_downlink%3D9.3%2Cconnection_effectiveType%3D4g%22%2C%22name%22%3A%22ius_core_js_download_end_to_interactive_time%22%2C%22level%22%3A%22INFO%22%2C%22fileName%22%3A%22ius-sign-in-widget.js%22%7D%5D&callback=jsonp_1625591048812_92674
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:08 GMT
server
nginx
intuit_tid
11cefabf-5a66-4234-8642-08e73c50d30c
content-length
0
content-type
application/json;charset=ISO-8859-1
s7959743890102
sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/
Redirect Chain
  • https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270B27337&ce=UTF-8&ns=intuitinc&g=https%3A%2F%2Ftshe...
  • https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&pccr=true&vidn=30724686DCE5A26A-600014C24FCFAEFA&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270...
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&pccr=true&vidn=30724686DCE5A26A-600014C24FCFAEFA&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270B27337&ce=UTF-8&ns=intuitinc&g=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&r=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&cc=USD&c6=D%3Dv6&v6=sign-in-widget-loaded&c9=D%3Dv9&v9=en-us&c11=D%3Dv11&v11=Intuit.qbshared.tsheets&c12=D%3Dv12&c13=D%3Dv13&c14=D%3Dv14&v14=v2-sign-in&c15=D%3Dv15&c16=D%3Dv16&v16=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&c17=D%3Dv17&v17=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&c19=D%3Dv19&v19=tmx_tag_obfuscation_cutover%3Aa&c24=D%3Dv24&v24=globalView%3Dfalse%7CidentifierFirst%3Dtrue%7CknownDevice%3Dfalse%7CtargetAAL%3D20&pe=lnk_o&pev2=sign-in-widget-loaded&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 17:04:13 GMT
x-content-type-options
nosniff
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 07 Jul 2021 17:04:13 GMT
server
jag
xserver
anedge-58944c9887-rnm8k
etag
3490930205683384320-4619793195202700798
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 05 Jul 2021 17:04:13 GMT

Redirect headers

date
Tue, 06 Jul 2021 17:04:13 GMT
x-content-type-options
nosniff
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
location
https://sci.intuit.com/b/ss/intuitctoiux/1/H.26.2/s7959743890102?AQB=1&pccr=true&vidn=30724686DCE5A26A-600014C24FCFAEFA&ndh=1&t=6%2F6%2F2021%2019%3A4%3A13%202%20-120&fid=33F86A8A6AE5CFD0-062C244270B27337&ce=UTF-8&ns=intuitinc&g=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&r=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&cc=USD&c6=D%3Dv6&v6=sign-in-widget-loaded&c9=D%3Dv9&v9=en-us&c11=D%3Dv11&v11=Intuit.qbshared.tsheets&c12=D%3Dv12&c13=D%3Dv13&c14=D%3Dv14&v14=v2-sign-in&c15=D%3Dv15&c16=D%3Dv16&v16=https%3A%2F%2Ftsheets.intuit.com%2Fpage%2Flogin_oii&c17=D%3Dv17&v17=https%3A%2F%2Ftsheets.intuit.com%2F%3Fshow%3D%7EYWRkb25fdGltZV9vZmZfcmVxdWVzdHN%252BZGlzcGxheX5pbml0aWFsX3JlcXVlc3RfaWQ9PjIyMzM3Ng%253D%253D&c19=D%3Dv19&v19=tmx_tag_obfuscation_cutover%3Aa&c24=D%3Dv24&v24=globalView%3Dfalse%7CidentifierFirst%3Dtrue%7CknownDevice%3Dfalse%7CtargetAAL%3D20&pe=lnk_o&pev2=sign-in-widget-loaded&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified
Wed, 07 Jul 2021 17:04:13 GMT
server
jag
xserver
anedge-58944c9887-bcn6t
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 05 Jul 2021 17:04:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL
chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ts number| ts_version string| ua boolean| msIE function| el function| get_parent boolean| old_browser boolean| unsupported_browser function| getXDomainCSS number| SPACE number| ENTER number| ESCAPE function| clickTargetForKeys function| printStackTrace function| ts_debounce function| Browser object| browser object| dragObj function| dragStart function| dragGo function| dragStop object| suggestions string| storedSearchString number| hoveredSuggestion object| inter_exec function| suggest_setup function| suggest_init function| calcOffset function| searchKeyDown function| searchKeyUp function| suggest_display function| hoverSuggestion number| window_default_zindex function| toggle_window function| initialize_window function| focus_window object| wwTTobj function| wwTT function| wwTT_create function| wwTT_position function| wwTT_isDescendantOf function| Xajax object| xajax object| _gat object| _gaq function| moment function| $ function| jQuery object| React object| ReactDOM object| easyXDM function| build_version_comments function| replace_css_chunk function| get_existing_version function| update_css function| formatTime function| round function| play_sound function| toggleBox function| toggleCheckBox function| removeElement function| tag function| elClass function| addClass function| removeClass function| hasClass function| switch_tab function| switchTab function| prev function| next function| first function| last function| createElements function| put_before function| append function| msg_box function| popover function| loading_overlay function| ts_tip_bubble function| ts_screen_top_notify function| ts_overlay function| ts_overlay_close_icon function| ts_content_wrapper function| ts_alert function| response_overlay function| ts_form_okd function| ts_download function| jconsole function| register_event function| run_event function| unregister_event function| get_style function| getcookie function| getexpirydate function| setcookie function| timeAsText function| timeAsHtml function| updateTimeTotal function| update_clock function| calculate_timezone object| clockHandlers function| select_box_disable function| setupSortTabs function| get_html_translation_table function| array2json function| winc_notify function| winc_notify_close function| element_state_change function| unscroll_text function| htmlentities function| clean_url function| detectBrowserVersion function| userzoom_intercept function| get_wui_combo_library function| element_is_in_view object| accessibilityHandlers function| click_a11y_feedback_button function| launch_help_panel function| click_live_engage_chat_button function| display_user_error function| css_require_once object| window_position boolean| xajaxLoaded function| displayChatUnavailableMessage function| liveEngageChatLaunch string| xajaxRequestUri boolean| xajaxWaitCursor number| xajaxDefinedGet number| xajaxDefinedPost function| xajax_window_save_position function| xajax_suggest function| xajax_window_open function| xajax_window_submit function| xajax_json_post function| xajax_no_auth_json_post object| _da_ string| DecibelInsight function| decibelInsight object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill boolean| easyxdm_ready object| xajax_socket object| iuxWebWebackJsonP object| intuit object| ius_bu_offering_mapping string| IUX_PLUGIN_HOST string| IUX_PROJECT_VERSION boolean| iuxIsBundled object| intlTelInputGlobals function| Inputmask object| ius_default_options object| iuxwa string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq function| iuxTrack function| iuxTrackPage function| s_gi function| s_giqf function| setABTestProps function| s_doPlugins undefined| uuid object| iuxCoreWeb boolean| iuxErrorEventListenerInitialized object| identityConfiguration boolean| identityConfigSuccess object| _di_max_id object| _da_crcTable number| __JSS_VERSION_COUNTER__ object| jss object| common number| 2f1acc6c3a606b082e5eef5e54414ffb string| GoogleAnalyticsObject function| ga object| oii function| onIdentityConfigurationSuccess function| onIdentityConfigurationFail object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| google_optimize boolean| decibelInsight_initiated function| jsonp_1625591046217_87633 function| jsonp_1625591048812_92674 string| url string| s_objectID object| s_i_0_intuitinc

10 Cookies

Domain/Path Name / Value
.intuit.com/ Name: _gid
Value: GA1.2.639445125.1625591046
.intuit.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.intuit.com/ Name: ivid_b
Value: 25f5832f-ebe2-4996-9592-a0e4b98de055
.intuit.com/ Name: ius_session
Value: 03CCE676B38D42E9AC81FEB4F476F9E8
pf.intuit.com/ Name: thx_guid
Value: 019d7d8f5fbb4307aaae3b68ea601fbe
.intuit.com/ Name: websdk_swiper_flags
Value: first_sc_hit%2Cwait_for_sc
.tsheets.intuit.com/ Name: csrfv2
Value: l33vBiHXwuvT.2LDQACh3JEHN.1625594643
.intuit.com/ Name: ivid
Value: 901ad6b3-00ab-4c41-a029-fe595a1530d5
.intuit.com/ Name: _ga
Value: GA1.2.278640807.1625591046
.tsheets.intuit.com/ Name: SESSION_ID
Value: S%3A0%3AMC%24%24e502e2c1917df349ebdd8f7bd3f70ae5

3 Console Messages

Source Level URL
Text
console-api log URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js(Line 2)
Message:
localStorage iux_cell_failure
console-api debug URL: https://buildassets.tsheets.com/tsheets-frontend-app-oii/oii-v2.41.0.js(Line 70)
Message:
DEBUG => [TSReactDOM] SUCCESS: component was rendered at DOM id 'data-oii-login-root'.
console-api warning URL: https://cdn.decibelinsight.net/i/13878/264967/di.js(Line 41)
Message:
DecibelInsight: tsheets.intuit.com is not a valid domain for this account.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.intuit.com
ampcid.google.com
ampcid.google.de
buildassets.tsheets.com
cdn.decibelinsight.net
collection.decibelinsight.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
lib.intuitcdn.net
pf.intuit.com
plugin.intuitcdn.net
sci.intuit.com
tsheets.intuit.com
v60nf4ojgozfikjruysq6kvxzf4py63b3zpewwp2393b18bb2672a089am1.e.aa.online-metrix.net
visit.tsheets.com
www.google-analytics.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.111.250.17
13.225.87.15
13.36.218.177
167.89.123.54
18.156.152.125
23.39.250.224
23.79.134.81
2600:9000:2156:b400:8:5d53:c240:93a1
2a00:1450:4001:808::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
35.81.9.204
91.235.132.130
91.235.133.92
91.235.134.131
0d2ab7896bc22a031f1e00b88e6c3980831256606bc1d46801944944e24f4719
0e68a4e49cffc89f8affcd1213dcf5bf379f016599e34465ba81c4bd9ecb43c1
16d3ed349b984e936be3a908f6ac4ae78d70a1f057a6c9bb51c4a263a109361a
1b9d7193ef73e6d9b8724e30b3962afab7277c4fe7bb72c2f20429adf656a00b
1b9eee5ddb201ea4ef89ffb26b836696b04f779ee832fa6cd6c0179b8ce6f673
1be7216236e82280d0e3f4fdf5040971e8307343082d91dc3886e387771f9285
1fc96431d628ef309a88d59ab494875c55c5f3733d08ac37e75623fbc4a337d2
28e36810b0515d41ba609750a7deb44c33c4e9cf5e12dc18c4a51a6f2d0cf6e5
366650bf66f8b1a3f31275e0a093fd3182a4fadcebfe4301c8ba8e8f63369160
36c15fde583b2d92e23437b205233b14f8a3ccaea7c06ec6edf96e21752e4156
39e0c9c782944cb26ff4894ec622713bfc35ab7b54949089258453194f2b5fa2
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
5d406ef498045a52244d272e3a87b6fa312483ffa081f3f740bd8754e6a7597b
5ffa3aac51a6269b294f0ad5c8222c274475637e54916ab6e8714ee9f48922cb
60d119357a6569748336a4b86f35eaa287d4b6bc507b6c583425e12a35c3c04a
6250cfb70ff4c463bea4ba23dd7f089b489945e468b5ca91ee9447df0a768a19
6ca5261e218c1c1da066c474ae34a1db2530819badfbd7b79c7e8dfd998e7b20
6cae8a0d2f9d1d465fc38ded4c383dbfdb5ac598b44a5464c933bb79f683cc67
6f8f98e94e62be9caa8b7e6f99fe6dfc95a9409f3fea0a3c35b46c6636d6cf33
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
785b96448e3c19cb9f0015fd3379718159c8fbcc31e8a47c111688c8f52f9f6c
7d8b56c84b1110d18df5f0514be0300330085dc2c4b9257ec1a8423f0ba6736a
7f0c2763b1b34efa49ebb419e3a878339809639fff966b04f8d11eb6292890f3
8c7f7da38738d2d88a2482cdeae481930c15df61a70f66ba460c46ba4192979e
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b30eaa4a59b9dfbd4a7713a0db892731fe7ba63830ea448835da2ab0ecf476d
9f2baa7e80d21eadaae94a2d6ac66c139b5f93230ee5d559f6ef9520283ec868
a075f1a76af84bb76fd94a195b54d5e7d02fd9a18089a0d837cbdc1896bc2357
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac20ed6a321d03f2709446eee7e081c5c9dd3844e1f8df595f888283b3185907
ac60a533b77b9c17f5c039ac84326ceb2890a3fe53166a1cb6de7fe7628032f1
b457b7c1a4a75dc8ff285dec03390f728ce41ee54ba4f4736cd61a18785770ee
b919bb5233413acf570b0e5846b40e4c91ec6723ed886332aa0873828785da3d
c550b8ec11638f35123bb8c0d85029aef9043e6577d6bf4f9625d95697f539c4
c780bb4a8c5bae139b5fd19171ceb234e7f25bd6dba6d7afead96cce5fecf2e9
c8278b56794c389919d388951c5fa4dc07a388e16eb7055d675b0b916acc70e5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d251ff14934540b2aa0ec0e0f995d29acf63d933aad3dfd39142ee44974c9633
d263be0a8e7a793360e69d0d799493552b80192f13bbe9edb0021f2732f0f00c
d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c
d8ef933f6d5e383b20e118da4e7cccd51a03e7b2405d03cf616a9d58a65d18b1
dc1f3b3ac25b2732d747751af350c82bbe5a23506db735befebdebeb3ea64806
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f17cf3404331cf4142f97dedeaabe99a1d8cd894abee2f102cc25e431f826fad
f3cbe724eeaa071cf5a0e197fc9faf9b80a456f92824da12854cd18ce99b5daa
f76664b1313cdfbbf1aeddd340deb2f070ff993bda8bba26395da7a8af6af6fd
fab1f3f5afc35c2d8d2f952a9756a0e8d03801148561e74555bf7d026d5f4cf3
fbc51286b2e25cd77fe6bf4fe18cbc14d68bfd1518fd55d2535357a63818f4d7
ff9e3600a8ffbb66ddd3da50be38f2d87bbdd89e06936a5b5e677c06f57238db