urlscan.io logo urlscan.io
SecurityTrails logo

aha.youearnedit.com Open in urlscan Pro
35.199.32.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5OWhjSEF1YUdsbmFHZHliM...
Effective URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdm...
Submission: On April 28 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main IP is 35.199.32.36, located in Washington, United States and belongs to GOOGLE, US. The main domain is aha.youearnedit.com.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.
This is the only time aha.youearnedit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 5 35.199.32.36 15169 (GOOGLE)
4 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
2 162.247.243.147 13335 (CLOUDFLAR...)
10 5
5    35.199.32.36 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 36.32.199.35.bc.googleusercontent.com
app.highground.com
aha.youearnedit.com
4    2600:9000:211e:b200:5:54af:3940:21 (United States)

ASN16509 (AMAZON-02, US)
d2y682l68cpwit.cloudfront.net
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Domain Requested by
4 d2y682l68cpwit.cloudfront.net aha.youearnedit.com
d2y682l68cpwit.cloudfront.net
3 app.highground.com 3 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
2 www.googletagmanager.com aha.youearnedit.com
www.googletagmanager.com
2 aha.youearnedit.com 1 redirects
1 js-agent.newrelic.com aha.youearnedit.com
10 6

This site contains links to these domains. Also see Links.

Domain
kazoohr.com
Subject Issuer Validity Valid
*.youearnedit.com
R3		 2021-03-11 -
2021-06-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Frame ID: 6E7A3BE9519761EE8C618834EEB6700A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5O... HTTP 302
    https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5O... HTTP 302
    https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1Nlb... HTTP 302
    http://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0... HTTP 308
    https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

252 kB
Transfer

705 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5OWhjSEF1YUdsbmFHZHliM1Z1WkM1amIyMHZQMlZ0WVdsc1RHbHVhejFoU0ZJd1kwaE5Oa3g1T1doalNFRjFZVWRzYm1GSFpIbGlNMVoxV2tNMWFtSXlNSFpKZVRsUlkyMDViV0ZYZUd4TU1GcHNXbGRTYVZsWFRuSk1NVTVzWWtkYVJtUnRSbk5WTTFKb1kyNVJkazFVWnpKWmFrNXNUbFJCZEU5WFZYaE9lVEI0VFZkV2FVeFViR2xPZWtWMFRYcGpOVnBVV1hwUFIwVjVXV3BqTlZBeVpIQmFSREI0VGxkRk5VNVVTVEJOUXpCNVdrUnJNRXhVUlhoYVYwbDBUMVJGTVZwVE1XcE9NbFV4VFZkWk1rOUhSWGxQUkZFOQ== HTTP 302
    https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5OWhjSEF1YUdsbmFHZHliM1Z1WkM1amIyMHZJeTlRY205bWFXeGxMMFpsWldSaVlXTnJMMU5sYkdaRmRtRnNVM1JoY25Rdk1UZzJZak5sTlRBdE9XVXhOeTB4TVdWaUxUbGlOekV0TXpjNVpUWXpPR0V5WWpjNVAyZHBaRDB4TldFNU5USTBNQzB5WkRrMExURXhaV0l0T1RFMVpTMWpOMlUxTVdZMk9HRXlPRFE9 HTTP 302
    https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ= HTTP 302
    http://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D HTTP 308
    https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
aha.youearnedit.com/users/
Redirect Chain
  • https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5OWhjSEF1YUdsbmFHZHliM1Z1WkM1amIyMHZQMlZ0WVdsc1RHbHVhejFoU0ZJd1kwaE5Oa3g1T1doalNFRjFZVWRzYm1GSFp...
  • https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vP2VtYWlsTGluaz1hSFIwY0hNNkx5OWhjSEF1YUdsbmFHZHliM1Z1WkM1amIyMHZJeTlRY205bWFXeGxMMFpsWldSaVlXTnJMMU5sYkdaRmRtRnNVM1JoY25Rdk1...
  • https://app.highground.com/?emailLink=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWI...
  • http://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0...
  • https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI...
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.199.32.36 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
36.32.199.35.bc.googleusercontent.com
Software
openresty/1.15.8.2 /
Resource Hash
7fa5e2104bb36b8154a70a14bffa5ca62d48033f046f44427d9507ad856da372
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
aha.youearnedit.com
:scheme
https
:path
/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty/1.15.8.2
date
Wed, 28 Apr 2021 11:38:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000
status
200 OK
cache-control
no-cache, no-store
x-xss-protection
1; mode=block
x-request-id
47fbebb876bf880dec953c905ad881a3
x-runtime
0.028184
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
set-cookie
_session_id=16d92b22f596233f6341f2544f2c5d82; path=/; secure; HttpOnly
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
content-encoding
gzip

Redirect headers

Server
openresty/1.15.8.2
Date
Wed, 28 Apr 2021 11:38:44 GMT
Content-Type
text/html
Content-Length
177
Connection
keep-alive
Location
https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Content-Security-Policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
login-dadecbe417beb6269dedf1c7dff7b3a6331f3dc5979a06f4468a2157ddb44e44.css
d2y682l68cpwit.cloudfront.net/assets/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2y682l68cpwit.cloudfront.net/assets/login-dadecbe417beb6269dedf1c7dff7b3a6331f3dc5979a06f4468a2157ddb44e44.css
Requested by
Host: aha.youearnedit.com
URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
dadecbe417beb6269dedf1c7dff7b3a6331f3dc5979a06f4468a2157ddb44e44
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 06:10:51 GMT
content-encoding
gzip
vary
Accept-Encoding
age
19673
x-cache
Hit from cloudfront
access-control-request-method
*
content-length
2944
via
1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
last-modified
Fri, 23 Apr 2021 10:04:18 GMT
server
openresty/1.15.8.2
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
h-FyR56gmsIqFjyXNjbliD0PFs5Lc27jyeob20Zm8xpwsUfY8sMZVQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
login-e0a01f366e4d30d76117ca29f28fce3e522a04b4606c0c97001489a5dc8b978b.js
d2y682l68cpwit.cloudfront.net/assets/ 		427 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2y682l68cpwit.cloudfront.net/assets/login-e0a01f366e4d30d76117ca29f28fce3e522a04b4606c0c97001489a5dc8b978b.js
Requested by
Host: aha.youearnedit.com
URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
e0a01f366e4d30d76117ca29f28fce3e522a04b4606c0c97001489a5dc8b978b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:08:07 GMT
content-encoding
gzip
vary
Accept-Encoding
age
37837
x-cache
Hit from cloudfront
access-control-request-method
*
content-length
146131
via
1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
last-modified
Fri, 23 Apr 2021 10:11:12 GMT
server
openresty/1.15.8.2
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
7FaDyJ9hYq-SHA9MZ46eBKEKCUz8A65q_1MvQPULr2gkggJNSbh_-w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
kazoo-logo.svg
d2y682l68cpwit.cloudfront.net/yei/images/default/layout/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2y682l68cpwit.cloudfront.net/yei/images/default/layout/kazoo-logo.svg
Requested by
Host: aha.youearnedit.com
URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
d8a555283059be8c525cda8b96b6d1d0f435f87d8e65bb80ce3dfab58b920a17
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 10:04:19 GMT
server
openresty/1.15.8.2
x-amz-cf-pop
FRA56-C2
etag
W/"60829ba3-11f7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
date
Wed, 28 Apr 2021 11:38:45 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
x-amz-cf-id
HRSR907lr2esmeWkiPk1QceXPU3JqyADgXxTlXh_02oR-28CA5T9xw==
gtm.js
www.googletagmanager.com/ 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=G-MHGX8N9D52
Requested by
Host: aha.youearnedit.com
URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c05e993da3b8c1b5b72547358e7fe834b0231992db348b696beb53f6facd99b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 11:38:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37380
x-xss-protection
0
expires
Wed, 28 Apr 2021 11:38:44 GMT
kazoo-login-pattern.svg
d2y682l68cpwit.cloudfront.net/yei/images/default/layout/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2y682l68cpwit.cloudfront.net/yei/images/default/layout/kazoo-login-pattern.svg
Requested by
Host: d2y682l68cpwit.cloudfront.net
URL: https://d2y682l68cpwit.cloudfront.net/assets/login-dadecbe417beb6269dedf1c7dff7b3a6331f3dc5979a06f4468a2157ddb44e44.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
7739af94eaf7fceeeaf2467222d3d5a4211ec3a820ee54f02a490a5347e0021e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000

Request headers

Referer
https://d2y682l68cpwit.cloudfront.net/assets/login-dadecbe417beb6269dedf1c7dff7b3a6331f3dc5979a06f4468a2157ddb44e44.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 10:04:19 GMT
server
openresty/1.15.8.2
x-amz-cf-pop
FRA56-C2
etag
W/"60829ba3-1ada"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
date
Wed, 28 Apr 2021 11:38:45 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
x-amz-cf-id
Xq1pn8kCsV6fz_0D-qFImc3pPnwCdRrKwnlSxvbxCAm9dSWtu0Oh5w==
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: aha.youearnedit.com
URL: https://aha.youearnedit.com/users/sign_in?&redirectTo=aHR0cHM6Ly9hcHAuaGlnaGdyb3VuZC5jb20vIy9Qcm9maWxlL0ZlZWRiYWNrL1NlbGZFdmFsU3RhcnQvMTg2YjNlNTAtOWUxNy0xMWViLTliNzEtMzc5ZTYzOGEyYjc5P2dpZD0xNWE5NTI0MC0yZDk0LTExZWItOTE1ZS1jN2U1MWY2OGEyODQ%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
GFCX84XM118VT8VB
x-cache
HIT
content-length
11777
x-amz-id-2
0I6HKjtYUwUGM7rXwEsdtxplelcduIoMZugBIgQyyc+jv9E44vPitgTVQTJGMEdiiAo0wBheaf4=
x-served-by
cache-hhn4025-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1619609925.170346,VS0,VE1
date
Wed, 28 Apr 2021 11:38:45 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
19547
js
www.googletagmanager.com/gtag/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHGX8N9D52&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=G-MHGX8N9D52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9412937e4812b405b035bcf0b5be8b4188a2aaf502b55fdd7eaaf0cb5d045db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 11:38:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46160
x-xss-protection
0
expires
Wed, 28 Apr 2021 11:38:45 GMT
f2f9e9e31a
bam-cell.nr-data.net/1/ 		57 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/f2f9e9e31a?a=206838229&v=1208.49599aa&to=JVtXEUpbWw5cQUxAVhVHUApWRxgMXEQ%3D&rst=2236&ck=1&ref=https://aha.youearnedit.com/users/sign_in&ap=19&be=1620&fe=2176&dc=1775&perf=%7B%22timing%22:%7B%22of%22:1619609922969,%22n%22:0,%22f%22:1190,%22dn%22:1190,%22dne%22:1190,%22c%22:1190,%22s%22:1215,%22ce%22:1450,%22rq%22:1450,%22rp%22:1611,%22rpe%22:1682,%22dl%22:1614,%22di%22:1775,%22ds%22:1775,%22de%22:1782,%22dc%22:2175,%22l%22:2175,%22le%22:2177%7D,%22navigation%22:%7B%7D%7D&fp=1780&fcp=1780&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 11:38:45 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
64700190b8e50c85-AMS
cf-request-id
09b9df4e6e00000c85a803d000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
f2f9e9e31a
bam-cell.nr-data.net/events/1/ 		24 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/f2f9e9e31a?a=206838229&v=1208.49599aa&to=JVtXEUpbWw5cQUxAVhVHUApWRxgMXEQ%3D&rst=12236&ck=1&ref=https://aha.youearnedit.com/users/sign_in
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://aha.youearnedit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 28 Apr 2021 11:38:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://aha.youearnedit.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
647001cf3a660c85-AMS
Content-Length
24
cf-request-id
09b9df758000000c853e25c000000001

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| jQuery112405206653349597112 function| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| React object| jQuery111102859468465177497 function| _ function| underscore object| yei object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady

1 Cookies

Domain/Path Name / Value
aha.youearnedit.com/ Name: _session_id
Value: 16d92b22f596233f6341f2544f2c5d82

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://cloud.typography.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block