hrhero.blr.com Open in urlscan Pro
64.207.100.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.e.ap.blr-direct.mkt8064.com/ctt?kn=3&ms=MTcwMDAzNTkS1&r=MTg2ODM1NTk4Njk5S0&b=0&j=MTgyMTUyMTk3OAS2&mt=1&rt=0
Effective URL:
https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=...
Submission: On February 26 via manual (February 26th 2020, 3:09:32 pm UTC) from US

Summary HTTP 74 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 28 domains to perform 74 HTTP transactions. The main IP is 64.207.100.80, located in United States and belongs to RECOL-CT, US. The main domain is hrhero.blr.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 2nd 2018. Valid for: 2 years.

This is the only time hrhero.blr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.112.69.44 74.112.69.44	19795 (SILVERPOP...) (SILVERPOP-ATL)
27	64.207.100.80 64.207.100.80	11598 (RECOL-CT) (RECOL-CT)
2	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.202.100 143.204.202.100	16509 (AMAZON-02) (AMAZON-02)
2 3	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	64.207.100.87 64.207.100.87	11598 (RECOL-CT) (RECOL-CT)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.112.69.162 74.112.69.162	19795 (SILVERPOP...) (SILVERPOP-ATL)
1	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	23.21.91.243 23.21.91.243	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2010	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	74.112.69.43 74.112.69.43	19795 (SILVERPOP...) (SILVERPOP-ATL)
1 5	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
15 18	52.210.116.206 52.210.116.206	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.74.203 52.59.74.203	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
1 2	52.57.79.171 52.57.79.171	16509 (AMAZON-02) (AMAZON-02)
1 2	35.157.239.183 35.157.239.183	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
74	32

1 74.112.69.44 (United States) 1 redirects

ASN19795 (SILVERPOP-ATL, US)
PTR: recp.rm02.net

links.e.ap.blr-direct.mkt8064.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 64.207.100.80 (United States)

ASN11598 (RECOL-CT, US)

hrhero.blr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-100.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.207.100.87 (United States)

ASN11598 (RECOL-CT, US)
PTR: www.blr.com

www.blr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.112.69.162 (United States)

ASN19795 (SILVERPOP-ATL, US)
PTR: mta2162.silverpop.net

www.sc.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.91.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-91-243.compute-1.amazonaws.com

sample-api-v2.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.112.69.43 (United States)

ASN19795 (SILVERPOP-ATL, US)
PTR: pages02.net

www.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.210.116.206 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-116-206.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.74.203 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.79.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.239.183 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-239-183.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	blr.com hrhero.blr.com www.blr.com	627 KB
22	adroll.com 15 redirects s.adroll.com d.adroll.com	24 KB
9	lytics.io c.lytics.io api.lytics.io	38 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
3	gstatic.com fonts.gstatic.com	27 KB
2	openx.net 1 redirects us-u.openx.net	499 B
2	bidswitch.net 1 redirects x.bidswitch.net	910 B
2	3lift.com 1 redirects eb2.3lift.com	739 B
2	outbrain.com 1 redirects sync.outbrain.com	807 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	816 B
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	pages02.net www.sc.pages02.net www.pages02.net	6 KB
2	crazyegg.com script.crazyegg.com sample-api-v2.crazyegg.com	45 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	7 KB
2	driftt.com js.driftt.com	45 KB
2	googletagmanager.com www.googletagmanager.com	49 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	881 B
1	taboola.com trc.taboola.com	280 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	google.de www.google.de	110 B
1	google.com www.google.com	122 B
1	googleadservices.com www.googleadservices.com	10 KB
1	mkt8064.com 1 redirects links.e.ap.blr-direct.mkt8064.com	307 B
74	28

	Domain	Requested by
27	hrhero.blr.com	hrhero.blr.com
17	d.adroll.com	14 redirects
8	c.lytics.io	www.googletagmanager.com c.lytics.io hrhero.blr.com
5	s.adroll.com	1 redirects hrhero.blr.com s.adroll.com
3	fonts.gstatic.com	hrhero.blr.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	ssl.google-analytics.com	1 redirects www.blr.com
2	js.driftt.com	hrhero.blr.com js.driftt.com
2	www.googletagmanager.com	hrhero.blr.com
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.pages02.net
1	stats.g.doubleclick.net	hrhero.blr.com
1	storage.googleapis.com	c.lytics.io
1	api.lytics.io	c.lytics.io
1	sample-api-v2.crazyegg.com	script.crazyegg.com
1	www.google.de	hrhero.blr.com
1	www.google.com	hrhero.blr.com
1	www.sc.pages02.net	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.blr.com	hrhero.blr.com
1	fonts.googleapis.com	hrhero.blr.com
1	www.googleadservices.com	www.googletagmanager.com
1	links.e.ap.blr-direct.mkt8064.com	1 redirects
74	37

This site contains links to these domains. Also see Links.

Domain
www.blr.com
hero.blr.com
handbookbuilder.blr.com
flsa.smarthrmanager.com
www.hrhero.com
webinarpassports.blr.com
freetrial.blr.com
interactive.blr.com
www.simplifycompliance.com

Subject Issuer	Validity	Valid
*.blr.com Go Daddy Secure Certificate Authority - G2	`2018-05-02` - `2020-05-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-10` - `2020-10-09`	a year	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-28` - `2020-08-05`	6 months	crt.sh
*.silverpop.com DigiCert SHA2 Secure Server CA	`2017-08-02` - `2020-08-06`	3 years	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2018-06-08` - `2020-08-05`	2 years	crt.sh
*.lytics.io DigiCert ECC Secure Server CA	`2019-10-22` - `2020-10-26`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-14` - `2020-07-25`	5 months	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Frame ID: 4A2A0FB750DE6DCAD5980D377E0E9DE1
Requests: 73 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 7D15029FEEFA51A87C73E63601E207B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.e.ap.blr-direct.mkt8064.com/ctt?kn=3&ms=MTcwMDAzNTkS1&r=MTg2ODM1NTk4Njk5S0&b=0&j=MTgyMTUyMTk3OAS2&mt=1&rt=0 HTTP 302
https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

74
Requests

100 %
HTTPS

34 %
IPv6

28
Domains

37
Subdomains

32
IPs

7
Countries

894 kB
Transfer

1690 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blr.com/
Title: BLR

Search URL Search Domain Scan URL

URL: https://hero.blr.com/hr/login
Title: HR Hero Suite

Search URL Search Domain Scan URL

URL: https://handbookbuilder.blr.com/Login.aspx
Title: Employee Handbook Builder

Search URL Search Domain Scan URL

URL: https://hero.blr.com/hr/login/jdm
Title: Job Description Manager

Search URL Search Domain Scan URL

URL: https://hero.blr.com/hr/login/hotline
Title: HR Hotline

Search URL Search Domain Scan URL

URL: https://hero.blr.com/hr/login/slcb
Title: State Law Chart Builder

Search URL Search Domain Scan URL

URL: https://flsa.smarthrmanager.com/Login.aspx?webSyncID=8842e7c1-d7cd-5ded-d0a3-e7770bb1a51c&sessionGUID=be5483a7-c017-0151-d9e2-3a55d951c6b0&spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Title: FLSA Audit Tool

Search URL Search Domain Scan URL

URL: https://www.hrhero.com/login/?test53&webSyncID=8842e7c1-d7cd-5ded-d0a3-e7770bb1a51c&sessionGUID=be5483a7-c017-0151-d9e2-3a55d951c6b0&spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Title: HR Hero Newsletters

Search URL Search Domain Scan URL

URL: https://webinarpassports.blr.com/#/login
Title: Webinar Passports

Search URL Search Domain Scan URL

URL: https://freetrial.blr.com/hrhero/Free-Trial/s1
Title: Free Trial

Search URL Search Domain Scan URL

URL: https://interactive.blr.com/hrhero-demo-request
Title: Request a Demo

Search URL Search Domain Scan URL

URL: http://www.simplifycompliance.com/
Title: Simplify Compliance

Search URL Search Domain Scan URL

URL: https://www.blr.com/About/Legal-Terms
Title: BLR Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.e.ap.blr-direct.mkt8064.com/ctt?kn=3&ms=MTcwMDAzNTkS1&r=MTg2ODM1NTk4Njk5S0&b=0&j=MTgyMTUyMTk3OAS2&mt=1&rt=0 HTTP 302
https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=685968329&utmhn=hrhero.blr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=HR%20Hero&utmhid=295313570&utmr=-&utmp=%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&utmht=1582729755839&utmac=UA-42701306-1&utmcc=__utma%3D178666487.846950791.1582729756.1582729756.1582729756.1%3B%2B__utmz%3D178666487.1582729756.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1561115109&utmredir=1&utmu=qxAAAAAAAAAAAAAAAAAAAQAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42701306-1&cid=846950791.1582729756&jid=1561115109&_v=5.7.2&z=685968329

Request Chain 56

https://s.adroll.com/j/exp/DL5HTN5U6BATNMFQ3HCPZ7/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 58

https://d.adroll.mgr.consensu.org/consent/iabcheck/DL5HTN5U6BATNMFQ3HCPZ7?_s=57cae2221033c5911cd028255674782f&_b=2 HTTP 302
https://d.adroll.com/consent/check/DL5HTN5U6BATNMFQ3HCPZ7/?_s=57cae2221033c5911cd028255674782f&_b=2

Request Chain 59

https://d.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&pv=27576529566.167652&cookie=&adroll_s_ref=&keyw=&name=lytics_no_users&arrfrr=https%3A%2F%2Fhrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2 HTTP 302
https://s.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/W4N55GMBMJETZEGC65VJ5F.js

Request Chain 60

https://d.adroll.com/cm/aol/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-0608b7ec45f6 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-0608b7ec45f6&verify=true

Request Chain 61

https://d.adroll.com/cm/index/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756&C=1

Request Chain 62

https://d.adroll.com/cm/n/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expires=365

Request Chain 63

https://d.adroll.com/cm/outbrain/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&rdrctExp=true

Request Chain 64

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 65

https://d.adroll.com/cm/r/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 66

https://d.adroll.com/cm/taboola/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

Request Chain 67

https://d.adroll.com/cm/triplelift/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 68

https://d.adroll.com/cm/b/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

Request Chain 69

https://d.adroll.com/cm/x/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

Request Chain 70

https://d.adroll.com/cm/l/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=bc840b5559add7999785421d9b3be638

Request Chain 71

https://d.adroll.com/cm/o/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=bc840b5559add7999785421d9b3be638 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bc840b5559add7999785421d9b3be638

Request Chain 72

https://d.adroll.com/cm/g/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=vIQLVVmt15mXhUIdmzvmOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=vIQLVVmt15mXhUIdmzvmOA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Benefits Show response
hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/
Redirect Chain

http://links.e.ap.blr-direct.mkt8064.com/ctt?kn=3&ms=MTcwMDAzNTkS1&r=MTg2ODM1NTk4Njk5S0&b=0&j=MTgyMTUyMTk3OAS2&mt=1&rt=0
https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

23 KB
23 KB

671ms
232ms

Document
text/html

64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 26961875e6634136b6a272d5ffe439b4492eb1e8d96e74faea231a2210564809

Request headers

Host: hrhero.blr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: SOURCE=WHXX67; domain=blr.com; expires=Sat, 13-Jul-2047 14:09:14 GMT; path=/ EFFORT=A; domain=blr.com; expires=Sat, 13-Jul-2047 14:09:14 GMT; path=/ SRCEFF=WHXX67%2cA; domain=blr.com; expires=Sat, 13-Jul-2047 14:09:14 GMT; path=/
X-Powered-By: ASP.NET
Date: Wed, 26 Feb 2020 15:09:13 GMT
Content-Length: 23444

Redirect headers

Date: Wed, 26 Feb 2020 15:09:13 GMT
Location: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK DriftScript.js Show response
hrhero.blr.com/Scripts/TrackingCode/ 1 KB
1 KB 108ms
105ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/TrackingCode/DriftScript.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b0a787d850fba61d76e23f63fa5c379e4528b5bae0c725bd624498f849b64451

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:13 GMT
Last-Modified: Fri, 06 Apr 2018 06:05:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6edb4e356dcdd31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1058

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 20ms
14ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072088489

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d61c99a67aac1c3de433321f7405ac70fcee3dad20317fc95bd3b3b1b8961ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:14 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28493
x-xss-protection: 0
expires: Wed, 26 Feb 2020 15:09:14 GMT

GET
H/1.1 200
OK style.css
hrhero.blr.com/Content/ 38 KB
8 KB 216ms
107ms Stylesheet
text/css 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Content/style.css
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1ec8fc9bccfa62fa81245d7b97a021d216099d620d9b5f9aef17547c82c8b5ac

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 15:09:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jun 2018 12:21:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80efae8323ad41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 8203

GET
H/1.1 200
OK grid-only.css
hrhero.blr.com/Content/ 5 KB
1 KB 311ms
105ms Stylesheet
text/css 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Content/grid-only.css
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 27cfc082d3c2ad094d4d95307ad8791a403c88a9cceb92f18448c90f3129983b

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2017 09:51:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05e4ffc896ad31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 981

GET
H/1.1 200
OK jquery.bxslider.css
hrhero.blr.com/Content/ 4 KB
1 KB 319ms
111ms Stylesheet
text/css 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Content/jquery.bxslider.css
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5f09d0caafd9a408599d4cb769a30a6ac687020d639e85413e1a688a87b65583

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jan 2018 10:03:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0539c0c395d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1048

GET
H/1.1 200
OK modernizr-2.6.2.js Show response
hrhero.blr.com/Scripts/ 50 KB
16 KB 416ms
207ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/modernizr-2.6.2.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a06c8a7e392e128a69c6b160cd54d613191a3446f24c8adff3cb93d916fc8fe7

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2017 09:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0438681896ad31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 16109

GET
H/1.1 200
OK jquery-1.12.4.js Show response
hrhero.blr.com/Scripts/ 287 KB
86 KB 411ms
203ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/jquery-1.12.4.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 06:32:53 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80d8b83ef85d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 87647

GET
H/1.1 200
OK common.js Show response
hrhero.blr.com/Scripts/ 3 KB
1 KB 317ms
108ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/common.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 39f042811c8f12b2881c59e844814cc7bc1a84413e13202702b296a08fdf6dca

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 May 2018 09:18:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0773ad9adf1d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 918

GET
H/1.1 200
OK jquery.bxslider.js Show response
hrhero.blr.com/Scripts/ 51 KB
12 KB 323ms
108ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/jquery.bxslider.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4271465f637a5d87431c2504847d2acce57611e5f0b2f7a8320ce045c13f422c

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 05:27:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b8133c68d8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12009

GET
H/1.1 200
OK respond.js Show response
hrhero.blr.com/Scripts/ 10 KB
4 KB 460ms
151ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/respond.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a7feb98d9c090a98afc16e406ce612938fa28e089ddc6a353fefa92c54afd496

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2017 09:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0438681896ad31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4164

GET
H/1.1 200
OK HRHero-Logo-2018-no-tagline-140-80.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 9 KB
9 KB 204ms
203ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/HRHero-Logo-2018-no-tagline-140-80.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b565adb6baca71e86b6427cee9cf6a0a96e32f8e0fa71ec9b8c2e9702bc2a063

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Tue, 10 Apr 2018 13:05:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9aa82e97ccd0d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9120

GET
H/1.1 200
OK blank.png
hrhero.blr.com/images/ 4 KB
4 KB 230ms
229ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/images/blank.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 586ae03c677e0c5cf124935474aebf3a2359dd32a652e056fdd92126c9dcb769

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Thu, 18 Jan 2018 06:47:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "14ce75452890d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3647

GET
H/1.1 200
OK 4e21fda9_fb4f_4c51_9b5b_344bae103781_circle_img10.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 11 KB
11 KB 109ms
109ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/4e21fda9_fb4f_4c51_9b5b_344bae103781_circle_img10.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0de385dc56b8889a904022c1cd15cf4dd8ec4973ba2305a87344bf891d46219e

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:26:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7e43e5527680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11291

GET
H/1.1 200
OK 30c585bc_3d92_41f7_ab71_2443a431be92_circle_img11.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 9 KB
9 KB 109ms
108ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/30c585bc_3d92_41f7_ab71_2443a431be92_circle_img11.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 308d924fbc7251159e42c2f022c734ebf94ea41ebcd1f158a3e0d699867d6b79

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:26:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8632e75d7680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9016

GET
H/1.1 200
OK b3c7de78_9491_4f0c_9331_58c22f198a8b_circle_img5.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 9 KB
10 KB 108ms
108ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/b3c7de78_9491_4f0c_9331_58c22f198a8b_circle_img5.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5cab6e53740d8ef4d8a248cb8d85f164eef1648897e6b21270048dd523ae5925

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:27:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d1f5d96a7680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9669

GET
H/1.1 200
OK 446760c8_fb8e_488a_b359_b40e922a7609_circle_img12.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 9 KB
9 KB 112ms
110ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/446760c8_fb8e_488a_b359_b40e922a7609_circle_img12.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 52268e48db860470d396f61026c56e9f098a0620506f946f062e8edf4ad05871

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:27:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8f40e3797680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9336

GET
H/1.1 200
OK af2d3de9_eda3_4045_8f23_cc79dee567bd_circle_img2.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 7 KB
8 KB 113ms
111ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/af2d3de9_eda3_4045_8f23_cc79dee567bd_circle_img2.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bc69f82bcab57d1afe3f4755dbcf41709c0523fcb1b69d59b807aad09dd3bb18

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:27:47 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "568e53867680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7567

GET
H/1.1 200
OK 61e4a988_609e_4812_9597_36f12fe2cc09_circle_img13.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 11 KB
11 KB 112ms
110ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/61e4a988_609e_4812_9597_36f12fe2cc09_circle_img13.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a34e3651756e3ab86987f3575cf94e2e528d22a12286bac0096daa30d3d3f856

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 29 Dec 2017 07:28:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9269a917680d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10850

GET
H/1.1 200
OK 39196-HRHero-Site-BLR-footer-logo_4f49f16a-7ca8-41b3-9b25-cdd044ac6005.svg
hrhero.blr.com/app_repository/HRHeroMarketing/ 9 KB
9 KB 113ms
111ms Image
image/svg+xml 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/39196-HRHero-Site-BLR-footer-logo_4f49f16a-7ca8-41b3-9b25-cdd044ac6005.svg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e30f87356d5fb319e3b15be6cb500ab55a3c8356dd8743f8832b2cc7200bab3

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Wed, 30 Jan 2019 19:16:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "af65e04bd0b8d41:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 8808

GET
H/1.1 200
OK 39196-HRHero-Site-back-to-top-icon.svg
hrhero.blr.com/images/ 491 B
742 B 104ms
104ms Image
image/svg+xml 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/images/39196-HRHero-Site-back-to-top-icon.svg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: add9c5e2d3fe699f7cf6439f066ed77fe1d18111a37ad867bc563b05a1e89cb1

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 01 Dec 2017 09:52:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "bd8cc1148a6ad31:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 491

GET
H/1.1 200
OK Adroll.js Show response
hrhero.blr.com/Scripts/TrackingCode/ 1 KB
1 KB 143ms
142ms Script
application/javascript 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://hrhero.blr.com/Scripts/TrackingCode/Adroll.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0b2ebb9829ca6a0f3ad0aab8e311effb615508f0ff09c03a7c3c732f6169a71

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 06 Apr 2018 06:05:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2ece4b356dcdd31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1080

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 60 KB
21 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7Q9W2T

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ded2330a66268d60303a301b785cb47a17b252c3a180a83bdaa43b523480c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 21524
x-xss-protection: 0
expires: Wed, 26 Feb 2020 15:09:15 GMT

GET
H2 200 cbgsvmi49bi5.js Show response
js.driftt.com/include/1582729800000/ 136 KB
45 KB 509ms
490ms Script
application/javascript 143.204.202.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1582729800000/cbgsvmi49bi5.js

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Scripts/TrackingCode/DriftScript.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.100 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-100.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb1bd595c36a9da5b069834dfccb512a186a280e1a9e4c14bb074d41fcf03707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:07 GMT
content-encoding: gzip
age: 8
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified: Wed, 26 Feb 2020 14:55:52 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NImg6mtr7MMmY_TmmPjGfJlQj7fJ4kVkans2XP6CEtgta7DPoufRKQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 18ms
16ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072088489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Feb 2020 15:09:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
837 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 15:09:14 GMT
server: ESF
date: Wed, 26 Feb 2020 15:09:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Feb 2020 15:09:14 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Scripts/modernizr-2.6.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://hrhero.blr.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 04:10:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2285932
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Sat, 30 Jan 2021 04:10:22 GMT

GET
H/1.1 200
OK 40111_sliders_worry_055a3b34_7ca3_4c0c_be6b_4ceab29c69f6.jpg
hrhero.blr.com/app_repository/HRHeroMarketing/ 39 KB
39 KB 130ms
110ms Image
image/jpeg 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/40111_sliders_worry_055a3b34_7ca3_4c0c_be6b_4ceab29c69f6.jpg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3ac786e449101a4a0bf73f13056c778b55ce9e2bb14483b83e44ba15520055f

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Sat, 24 Feb 2018 13:28:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1bb59b4b73add31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 39465

GET
H/1.1 200
OK 40111_sliders_risk_dca84147_e989_4313_aa2e_5083a696662d.jpg
hrhero.blr.com/app_repository/HRHeroMarketing/ 39 KB
39 KB 191ms
111ms Image
image/jpeg 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/40111_sliders_risk_dca84147_e989_4313_aa2e_5083a696662d.jpg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 69acc892084052d24e7ae88bdc4653f9bce55b21cff15020fde183993cebdba1

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Sat, 24 Feb 2018 13:27:53 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "671734673add31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 39831

GET
H/1.1 200
OK Slider3_FLSAAT_1920-no-button_276.png
hrhero.blr.com/app_repository/HRHeroMarketing/ 303 KB
303 KB 218ms
119ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/app_repository/HRHeroMarketing/Slider3_FLSAAT_1920-no-button_276.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8a011616be05144ad65f487743cb5484267e6ad190e002651e50773a3ad817df

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Thu, 16 Aug 2018 17:55:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f6e915478a35d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 310118

GET
H/1.1 200
OK text_check_img.png
hrhero.blr.com/images/ 1 KB
1 KB 131ms
130ms Image
image/png 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/images/text_check_img.png
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7a538349a6487ff8a14ee87c50184fb305a7f9b0dd8a2842b5c6043082a1e348

Request headers

Referer: https://hrhero.blr.com/Content/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 01 Dec 2017 09:52:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a3293158a6ad31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1097

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://hrhero.blr.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 19:32:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 2144181
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Sun, 31 Jan 2021 19:32:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://hrhero.blr.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2379438
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H/1.1 200
OK gas-1.10.1.min.js Show response
www.blr.com/js/ 16 KB
6 KB 534ms
102ms Script
application/javascript 64.207.100.87
RECOL-CT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blr.com/js/gas-1.10.1.min.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.87 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS: www.blr.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a8b596c45d5ca3966a960397e387573fdf418c19b863a6cc3474a916282ca24a

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:15 GMT
Content-Encoding: gzip
ETag: "8068a4453264d11:0"
Last-Modified: Wed, 10 Feb 2016 18:38:45 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5614

GET
H/1.1 200
OK left-arrow.svg
hrhero.blr.com/images/ 929 B
1 KB 184ms
105ms Image
image/svg+xml 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/images/left-arrow.svg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Scripts/jquery-1.12.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7324671b54b5f316fae2cfa8861cd6bd7f1670619eb709b77dff3dba77328f04

Request headers

Referer: https://hrhero.blr.com/Content/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 01 Dec 2017 09:52:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "21daf0148a6ad31:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 929

GET
H/1.1 200
OK right-arrow.svg
hrhero.blr.com/images/ 931 B
1 KB 185ms
106ms Image
image/svg+xml 64.207.100.80
RECOL-CT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrhero.blr.com/images/right-arrow.svg
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Scripts/jquery-1.12.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 64.207.100.80 , United States, ASN11598 (RECOL-CT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 02b241c7659734bf808f105da18b7ff6eecdf94221625d0c0dc236452f5e23b4

Request headers

Referer: https://hrhero.blr.com/Content/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 15:09:14 GMT
Last-Modified: Fri, 01 Dec 2017 09:52:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8288fb148a6ad31:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 931

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072088489/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072088489/?random=1582729755319&cv=9&fst=1582729755319&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&tiba=HR%20Hero&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8f1d27119c0bdd833d5d301179da883288e98a83fbc85c5c793dde5110fbc72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/ 45 KB
11 KB 14ms
14ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7Q9W2T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29160e83c6e2d3b45fba15ee59ee4483a019009761e77b92367ca9119c6ed84

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 629
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 56b2d6cadc5d178e-FRA
access-control-allow-origin: *

GET
H2 200 8274.js Show response
script.crazyegg.com/pages/scripts/0085/ 148 KB
45 KB 14ms
13ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0085/8274.js?439647
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7Q9W2T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25a533df8eb572b34a2e52b480fcdec9d4e89c97011b185ea323038bca8a2c1e

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 18:30:15 GMT
server: cloudflare
age: 419676
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 56b2d6cade09d6c1-FRA
access-control-allow-origin: *
content-length: 45575

GET
H/1.1 200
OK iMAWebCookie.js Show response
www.sc.pages02.net/lp/static/js/ 14 KB
5 KB 448ms
112ms Script
text/javascript 74.112.69.162
SILVERPOP-ATL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sc.pages02.net/lp/static/js/iMAWebCookie.js?5bff7538-1533f3c6bcd-3f3d5eceea4051b7c82d96ba93c1b04e&h=www.pages02.net
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7Q9W2T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.112.69.162 , United States, ASN19795 (SILVERPOP-ATL, US),
Reverse DNS: mta2162.silverpop.net
Software: Apache /
Resource Hash: 27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 15:09:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Feb 2020 03:53:44 GMT
Server: Apache
ETag: "5c3d9fe-3772-59f728d0a91e1"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 5138

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072088489/ 42 B
122 B 20ms
19ms Image
image/gif 2a00:1450:4001:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072088489/?random=1582729755319&cv=9&fst=1582729200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&tiba=HR%20Hero&async=1&fmt=3&is_vtc=1&random=2931579641&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072088489/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072088489/?random=1582729755319&cv=9&fst=1582729200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&tiba=HR%20Hero&async=1&fmt=3&is_vtc=1&random=2931579641&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 03 Dec 2019 23:11:46 GMT
server: cloudflare
age: 4003
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 56b2d6cafcd9178e-FRA

GET
H/1.1 200
OK all Show response
sample-api-v2.crazyegg.com/n/858274/ 62 B
589 B 422ms
108ms XHR
text/html 23.21.91.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sample-api-v2.crazyegg.com/n/858274/all?v=7&user_script_version=1582309811

Requested by

Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0085/8274.js?439647

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.91.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-91-243.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

31dbe8107188a4024e008ead881927d2a68d69845837fecc72b75dd445a337aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Origin: https://hrhero.blr.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 15:09:15 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 62
X-XSS-Protection: 1; mode=block

GET
H2 200 109027.59631035903 Show response
api.lytics.io/api/me/5b487d7344896314cb844385751b12e4/_uid/ 208 B
413 B 203ms
132ms Script
application/json 35.227.192.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/5b487d7344896314cb844385751b12e4/_uid/109027.59631035903?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%220%22%3A%22config%22%2C%221%22%3A%22AW-1072088489%22%2C%22gtm.start%22%3A1582729754565%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A4%2C%22_ts%22%3A1582729755378%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22hrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2%22%2C%22_uid%22%3A%22109027.59631035903%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A1%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1582729755382
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io 99ab7ce99ae3b2b6425decb53cc8c927d92891f6 /
Resource Hash: 91d83564971fc43aa6c0724780f7f45563a4d6b71f0710683ab767e60b0012bb

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
content-encoding: gzip
alt-svc: clear
server: lytics.io 99ab7ce99ae3b2b6425decb53cc8c927d92891f6
access-control-allow-origin
access-control-allow-methods: GET
content-type: application/json
status: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 170
via: 1.1 google

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 100 KB
20 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e659c400c6d55212aaa69a21d2fdc1cd0cab643bdd8af9370e1b935ff64b7b3

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 06 Dec 2019 22:40:59 GMT
server: cloudflare
age: 4803
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 56b2d6cc798b178e-FRA

GET
H2 200 5b487d7344896314cb844385751b12e4
c.lytics.io/c/ 35 B
96 B 124ms
123ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/5b487d7344896314cb844385751b12e4?_ts=1582729755587&_nmob=t&_device=desktop&url=hrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&_uid=109027.59631035903&_v=2.0.0&_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 56b2d6cc798d178e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/5b487d7344896314cb844385751b12e4/ 35 B
96 B 121ms
120ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/5b487d7344896314cb844385751b12e4/default?gtm.start=1582729754565&event=gtm.js&gtm.uniqueEventId=4&_ts=1582729755590&_nmob=t&_device=desktop&url=hrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&_uid=109027.59631035903&_v=2.0.0&_ca=jstag1
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 56b2d6cc7992178e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/5b487d7344896314cb844385751b12e4/ 35 B
96 B 123ms
122ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/5b487d7344896314cb844385751b12e4/default?0=js&1=Wed%20Feb%2026%202020%2016%3A09%3A14%20GMT%2B0100%20(Central%20European%20Standard%20Time)&_ts=1582729755590&_nmob=t&_device=desktop&url=hrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&_uid=109027.59631035903&_v=2.0.0&_ca=jstag1
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 56b2d6cc7993178e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/5b487d7344896314cb844385751b12e4/ 35 B
164 B 121ms
120ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/5b487d7344896314cb844385751b12e4/default?0=config&1=AW-1072088489&_ts=1582729755591&_nmob=t&_device=desktop&url=hrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&_uid=109027.59631035903&_v=2.0.0&_ca=jstag1
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 56b2d6cc7994178e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 pfa_overrides.css
storage.googleapis.com/lioservices/2606-blr-workforce/ 5 KB
6 KB 26ms
7ms Stylesheet
text/css 2a00:1450:4001:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2606-blr-workforce/pfa_overrides.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7060c72bdf7b14037505582fe710e1457b48805a4e1c0ee603426d58c61430f

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 14:22:12 GMT
age: 2823
status: 200
x-guploader-uploadid: AEnB2UquTA3kmD1cTepiAirmm6lXo_LADs-lPcHuOdjWxYwLbUcMOcUW417UNuuyCOIetsBDSgQdGnleJNTyl7o8IAX7863vYQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5498
last-modified: Tue, 10 Sep 2019 15:15:30 GMT
server: UploadServer
etag: "14f1cb25eaaf907bdd769f29a1522788"
x-goog-hash: crc32c=z2ZO3g==, md5=FPHLJeqvkHvddp8poVIniA==
x-goog-generation: 1568128530453237
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5498
accept-ranges: bytes
content-type: text/css
expires: Wed, 26 Feb 2020 15:22:12 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/5b487d7344896314cb844385751b12e4/ 327 B
253 B 22ms
22ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/5b487d7344896314cb844385751b12e4/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/5b487d7344896314cb844385751b12e4/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b898de17f81ccfb5c25edb0cc1181213a542b312e5de7e6c4b217b49a4df6ede

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 15:09:15 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 625
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 56b2d6ccaa1c178e-FRA
access-control-allow-origin: *

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.blr.com
URL: https://www.blr.com/js/gas-1.10.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3606
date: Wed, 26 Feb 2020 14:09:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Wed, 26 Feb 2020 16:09:09 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=685968329&utmhn=hrhero.blr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=HR%20H...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42701306-1&cid=846950791.1582729756&jid=1561115109&_v=5.7.2&z=685968329

35 B
102 B

18ms
16ms

Image
image/gif

2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42701306-1&cid=846950791.1582729756&jid=1561115109&_v=5.7.2&z=685968329

Requested by

Host: hrhero.blr.com
URL: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 26 Feb 2020 15:09:15 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42701306-1&cid=846950791.1582729756&jid=1561115109&_v=5.7.2&z=685968329
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event.jpeg
www.pages02.net/WTS/ 0
294 B 467ms
134ms Image
image/jpeg 74.112.69.43
SILVERPOP-ATL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pages02.net/WTS/event.jpeg?accesskey=5bff7538-1533f3c6bcd-3f3d5eceea4051b7c82d96ba93c1b04e&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=be5483a7-c017-0151-d9e2-3a55d951c6b0&webSyncID=8842e7c1-d7cd-5ded-d0a3-e7770bb1a51c&url=https%3A%2F%2Fhrhero.blr.com%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits%3FspMailingID%3D17000359%26spUserID%3DMTg2ODM1NTk4Njk5S0%26spJobID%3D1821521978%26spReportId%3DMTgyMTUyMTk3OAS2&newSiteVisit=1&hostname=hrhero.blr.com&pathname=%2FSolutions%2FHR-Tools%2FFLSA-Audit%2FBenefits&spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2&newPageVisit=1&eventKey=6acddc0a-7e07-20b9-b539-e0d99047396d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.112.69.43 , United States, ASN19795 (SILVERPOP-ATL, US),
Reverse DNS: pages02.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 15:09:16 GMT
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Type: image/jpeg
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 7D15 0
0 42ms
42ms Document
text/html 143.204.202.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1582729800000/cbgsvmi49bi5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.100 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-100.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Wed, 26 Feb 2020 14:55:52 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Feb 2020 15:09:16 GMT
etag: "c0ebf962ca63aeb3333a1e5b297bd2ca"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: cklHbNXXu7GIsbdXOlf4P5jX5uxlmTPGP0WFLL7xcmtOnVXsC9bRrg==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 34 KB
11 KB 24ms
7ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: hrhero.blr.com
URL: https://hrhero.blr.com/Scripts/TrackingCode/Adroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d468e0fa78d4289b15f6fe03d1a22f98203afce6e09d425a0c29441d431eb853

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Y8FvrmiUrb79ZxwHFnBxKc9Udz4XzaTU
Content-Encoding: gzip
x-amz-request-id: 6B33D6C7A9C0DA0A
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 15:09:16 GMT
Connection: keep-alive
Content-Length: 10739
x-amz-id-2: iqv6JPL9Z9R+29UIVEPsLMXFMum/FOBDEmcQEPBy+d9Ha4AaYTCI6L14mCK9xyiSlL4FZosRkqw=
Last-Modified: Wed, 19 Feb 2020 22:07:29 GMT
Server: AmazonS3
ETag: "c91ce4add98fc2605b9dfa3090440619"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/DL5HTN5U6BATNMFQ3HCPZ7/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

7ms
6ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FcaZ9fQuufI0j2Jlie4e0Qn7iovsdj20
Content-Encoding: gzip
x-amz-request-id: 542B649F8C2045B8
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 15:09:16 GMT
Connection: keep-alive
Content-Length: 48
x-amz-id-2: DOsr0QsmEs8inv5xEbtEM99LkzZmxHReydDBEYgZgMrqXcmRtZRZrRkYhwMOKl9cQcRMfOeMSqY=
Last-Modified: Fri, 21 Feb 2020 18:14:11 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 26 Feb 2020 15:09:16 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/ 0
773 B 23ms
11ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: B85Iif2U37ubJZP7ocabiXFOzJTvJY4t
Content-Encoding: gzip
x-amz-request-id: B55A1FE216F184CF
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 15:09:16 GMT
Connection: keep-alive
Content-Length: 20
x-amz-id-2: v5ml8tpn2d1dfDRFsvcSDqJr8tE5SI1cbiLJmvwe8bmF4cVysTZUdhreO42fKI/pHZlQo00ku9E=
Last-Modified: Wed, 26 Feb 2020 05:49:02 GMT
Server: AmazonS3
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/DL5HTN5U6BATNMFQ3HCPZ7/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/DL5HTN5U6BATNMFQ3HCPZ7?_s=57cae2221033c5911cd028255674782f&_b=2
https://d.adroll.com/consent/check/DL5HTN5U6BATNMFQ3HCPZ7/?_s=57cae2221033c5911cd028255674782f&_b=2

115 B
584 B

31ms
30ms

Script
application/javascript

52.210.116.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/DL5HTN5U6BATNMFQ3HCPZ7/?_s=57cae2221033c5911cd028255674782f&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.116.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-116-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 9a39a748b4301cfbdcccd2bc67e3f2754ee19067e7b92cf7f43d81476bcd415d

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:16 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 115

Redirect headers

status: 302
date: Wed, 26 Feb 2020 15:09:16 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/DL5HTN5U6BATNMFQ3HCPZ7/?_s=57cae2221033c5911cd028255674782f&_b=2

GET
H/1.1

200
OK

W4N55GMBMJETZEGC65VJ5F.js Show response
s.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/
Redirect Chain

https://d.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&pv=27576529566.167652&cookie=&adroll_s_ref=&keyw=&name=ly...
https://s.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/W4N55GMBMJETZEGC65VJ5F.js

3 KB
2 KB

197ms
196ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/W4N55GMBMJETZEGC65VJ5F.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 01221d1717e66346afa60e138e8b528f0929d6ffed4ccd976c7ab9930c832f96

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: NfjVCQSOJTREyXMXzCn_kd4hBV7Eq7Pu
Content-Encoding: gzip
x-amz-request-id: 6BD64656E50FE049
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 15:09:16 GMT
Connection: keep-alive
Content-Length: 1034
x-amz-id-2: WStPm2t2ME94/k2khhnIhVjmfioWT9mscgvdCYDDrq/9HiNJKtO43x4k+q+dYNtx2DjscJUCSNY=
Last-Modified: Tue, 04 Feb 2020 01:47:27 GMT
Server: AmazonS3
ETag: "9d3d52b57519883571a703190640d666"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Wed, 26 Feb 2020 15:09:16 GMT
x-segment-display-name: Home Page Visits
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.16.1
x-rule: *hrhero.blr.com/*
x-segment-eid: W4N55GMBMJETZEGC65VJ5F
location: https://s.adroll.com/pixel/DL5HTN5U6BATNMFQ3HCPZ7/PS645T6N2FB2HAY6PYQ7TA/W4N55GMBMJETZEGC65VJ5F.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: PS645T6N2FB2HAY6PYQ7TA
x-segment-name: ba5391f7
x-advertisable-eid: DL5HTN5U6BATNMFQ3HCPZ7
x-conversion-currency

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://pixel.advertising.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-06...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-06...

0
977 B

17ms
14ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-0608b7ec45f6&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.102 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 15:09:17 GMT
Server: ATS/7.1.2.102
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 26 Feb 2020 15:09:17 GMT
Server: ATS/7.1.2.102
Age: 1
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf4de2d4b-58a9-11ea-a94f-0608b7ec45f6&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756&C=1

43 B
1003 B

22ms
17ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 15:09:17 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Feb 2020 15:09:17 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 15:09:17 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expiration=1614265756&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Wed, 26 Feb 2020 15:09:17 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expires=365

0
239 B

62ms
24ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:16 GMT
server: nginx/1.16.1
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&expires=365
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&rdrctExp=true

0
452 B

96ms
90ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId: a5a089ca36611302b6beb2b98e5b83be
Date: Wed, 26 Feb 2020 15:09:17 GMT
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&rdrctExp=true
Date: Wed, 26 Feb 2020 15:09:17 GMT
X-TraceId: 3754b5daa5965d621bc4f1482f97bc57
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

92ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 15:09:16 GMT
X-lat: Pug23012:0:270
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:16 GMT
server: nginx/1.16.1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
501 B

31ms
30ms

Image
image/gif

52.210.116.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.116.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-116-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Wed, 26 Feb 2020 15:09:16 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

0
280 B

33ms
17ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 26 Feb 2020 15:09:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1582729757.999441,VS0,VE9
x-served-by: cache-fra19122-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:16 GMT
server: nginx/1.16.1
location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://eb2.3lift.com/xuid?mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

13ms
10ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 26 Feb 2020 15:09:17 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Wed, 26 Feb 2020 15:09:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://x.bidswitch.net/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

43 B
380 B

10ms
9ms

Image
image/gif

35.157.239.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.239.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-239-183.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 26 Feb 2020 15:09:17 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Wed, 26 Feb 2020 15:09:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://ib.adnxs.com/setuid?entity=172&code=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

43 B
881 B

29ms
10ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 15:09:19 GMT
AN-X-Request-Uuid: 5b1f618d-f38e-4e46-adc9-05f590e1d238
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.97.23.5; 83.97.23.5; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
server: nginx/1.16.1
location: https://ib.adnxs.com/setuid?entity=172&code=YmM4NDBiNTU1OWFkZDc5OTk3ODU0MjFkOWIzYmU2Mzg
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://idsync.rlcdn.com/377928.gif?partner_uid=bc840b5559add7999785421d9b3be638

0
62 B

222ms
206ms

Image
text/plain

35.190.72.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=bc840b5559add7999785421d9b3be638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 26 Feb 2020 15:09:17 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
server: nginx/1.16.1
location: https://idsync.rlcdn.com/377928.gif?partner_uid=bc840b5559add7999785421d9b3be638
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7
https://us-u.openx.net/w/1.0/sd?id=537103138&val=bc840b5559add7999785421d9b3be638
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bc840b5559add7999785421d9b3be638

43 B
183 B

17ms
17ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bc840b5559add7999785421d9b3be638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
via: 1.1 google
server: OXGW/16.176.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 26 Feb 2020 15:09:17 GMT
via: 1.1 google
server: OXGW/16.176.1
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bc840b5559add7999785421d9b3be638
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=962957ce6ea6377544b633dafd6f33ff-1582729756573&xid_ch=f&advertisable=DL5HTN5U6BATNMFQ3HCPZ7&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=vIQLVVmt15mXhUIdmzvmOA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=vIQLVVmt15mXhUIdmzvmOA&google_tc=
https://d.adroll.com/cm/g/in

42 B
538 B

30ms
29ms

Image
image/gif

52.210.116.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.116.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-116-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hrhero.blr.com/Solutions/HR-Tools/FLSA-Audit/Benefits?spMailingID=17000359&spUserID=MTg2ODM1NTk4Njk5S0&spJobID=1821521978&spReportId=MTgyMTUyMTk3OAS2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 15:09:17 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blr.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.rid Value: MTgyMTUyMTk3OAS2
.blr.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.uid Value: MTg2ODM1NTk4Njk5S0
.blr.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.mid Value: 17000359
.blr.com/	1970-01-19 07:38:50	Name: com.silverpop.iMA.session Value: be5483a7-c017-0151-d9e2-3a55d951c6b0
hrhero.blr.com/	1970-01-20 01:11:28	Name: driftt_aid Value: 8764026f-763e-4e34-8afd-7ea4531cde58
hrhero.blr.com/	1970-01-19 08:22:01	Name: ly_segs Value: %7B%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22all_suppress_hrblrcom_actives%22%3A%22all_suppress_hrblrcom_actives%22%2C%22blrcom_unknown_split_b_hr_hero%22%3A%22blrcom_unknown_split_b_hr_hero%22%2C%22no_users%22%3A%22no_users%22%7D
.blr.com/	1970-01-19 07:38:51	Name: __utmb Value: 178666487.1.10.1582729756
.blr.com/	1970-01-19 07:38:50	Name: com.silverpop.iMA.page_visit Value: -41944170:
.blr.com/	1970-01-20 07:38:49	Name: com.silverpop.iMAWebCookie Value: 8842e7c1-d7cd-5ded-d0a3-e7770bb1a51c
.blr.com/	1970-01-19 07:38:50	Name: __utmt Value: 1
.blr.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.jid Value: 1821521978
.blr.com/	1970-01-19 07:38:51	Name: seerses Value: e
.blr.com/	1970-01-19 12:01:37	Name: __utmz Value: 178666487.1582729756.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.blr.com/	1969-12-31 23:59:59	Name: __utmc Value: 178666487
.blr.com/	1970-01-20 01:10:01	Name: __utma Value: 178666487.846950791.1582729756.1582729756.1582729756.1
.hrhero.blr.com/	1970-01-19 07:38:51	Name: seerses Value: e
.hrhero.blr.com/	1970-01-19 09:48:25	Name: seerid Value: 109027.59631035903
.blr.com/	1970-01-19 09:48:25	Name: seerid Value: 109027.59631035903

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api.lytics.io
c.lytics.io
cm.g.doubleclick.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hrhero.blr.com
ib.adnxs.com
idsync.rlcdn.com
js.driftt.com
links.e.ap.blr-direct.mkt8064.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
sample-api-v2.crazyegg.com
script.crazyegg.com
simage2.pubmatic.com
ssl.google-analytics.com
stats.g.doubleclick.net
storage.googleapis.com
sync.outbrain.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.blr.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.pages02.net
www.sc.pages02.net
x.bidswitch.net
143.204.202.100
151.101.14.2
172.217.22.34
185.64.190.80
23.21.91.243
23.210.248.216
23.210.249.164
2606:4700:20::681a:216
2606:4700::6813:9308
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2010
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2004
2a00:1450:4001:825::2008
2a00:1450:400c:c06::9a
3.126.56.137
34.95.120.147
35.157.239.183
35.190.72.21
35.227.192.113
37.252.172.250
52.210.116.206
52.57.79.171
52.59.74.203
64.202.112.31
64.207.100.80
64.207.100.87
69.173.144.139
74.112.69.162
74.112.69.43
74.112.69.44
01221d1717e66346afa60e138e8b528f0929d6ffed4ccd976c7ab9930c832f96
02b241c7659734bf808f105da18b7ff6eecdf94221625d0c0dc236452f5e23b4
0de385dc56b8889a904022c1cd15cf4dd8ec4973ba2305a87344bf891d46219e
0e30f87356d5fb319e3b15be6cb500ab55a3c8356dd8743f8832b2cc7200bab3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
1ec8fc9bccfa62fa81245d7b97a021d216099d620d9b5f9aef17547c82c8b5ac
25a533df8eb572b34a2e52b480fcdec9d4e89c97011b185ea323038bca8a2c1e
26961875e6634136b6a272d5ffe439b4492eb1e8d96e74faea231a2210564809
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
27cfc082d3c2ad094d4d95307ad8791a403c88a9cceb92f18448c90f3129983b
2d61c99a67aac1c3de433321f7405ac70fcee3dad20317fc95bd3b3b1b8961ee
308d924fbc7251159e42c2f022c734ebf94ea41ebcd1f158a3e0d699867d6b79
31dbe8107188a4024e008ead881927d2a68d69845837fecc72b75dd445a337aa
39f042811c8f12b2881c59e844814cc7bc1a84413e13202702b296a08fdf6dca
4271465f637a5d87431c2504847d2acce57611e5f0b2f7a8320ce045c13f422c
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52268e48db860470d396f61026c56e9f098a0620506f946f062e8edf4ad05871
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
586ae03c677e0c5cf124935474aebf3a2359dd32a652e056fdd92126c9dcb769
5cab6e53740d8ef4d8a248cb8d85f164eef1648897e6b21270048dd523ae5925
5f09d0caafd9a408599d4cb769a30a6ac687020d639e85413e1a688a87b65583
69acc892084052d24e7ae88bdc4653f9bce55b21cff15020fde183993cebdba1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ded2330a66268d60303a301b785cb47a17b252c3a180a83bdaa43b523480c7e
6e659c400c6d55212aaa69a21d2fdc1cd0cab643bdd8af9370e1b935ff64b7b3
7324671b54b5f316fae2cfa8861cd6bd7f1670619eb709b77dff3dba77328f04
7a538349a6487ff8a14ee87c50184fb305a7f9b0dd8a2842b5c6043082a1e348
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a011616be05144ad65f487743cb5484267e6ad190e002651e50773a3ad817df
91d83564971fc43aa6c0724780f7f45563a4d6b71f0710683ab767e60b0012bb
9a39a748b4301cfbdcccd2bc67e3f2754ee19067e7b92cf7f43d81476bcd415d
a06c8a7e392e128a69c6b160cd54d613191a3446f24c8adff3cb93d916fc8fe7
a0b2ebb9829ca6a0f3ad0aab8e311effb615508f0ff09c03a7c3c732f6169a71
a29160e83c6e2d3b45fba15ee59ee4483a019009761e77b92367ca9119c6ed84
a34e3651756e3ab86987f3575cf94e2e528d22a12286bac0096daa30d3d3f856
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7feb98d9c090a98afc16e406ce612938fa28e089ddc6a353fefa92c54afd496
a8b596c45d5ca3966a960397e387573fdf418c19b863a6cc3474a916282ca24a
add9c5e2d3fe699f7cf6439f066ed77fe1d18111a37ad867bc563b05a1e89cb1
b0a787d850fba61d76e23f63fa5c379e4528b5bae0c725bd624498f849b64451
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b565adb6baca71e86b6427cee9cf6a0a96e32f8e0fa71ec9b8c2e9702bc2a063
b898de17f81ccfb5c25edb0cc1181213a542b312e5de7e6c4b217b49a4df6ede
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc69f82bcab57d1afe3f4755dbcf41709c0523fcb1b69d59b807aad09dd3bb18
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
d468e0fa78d4289b15f6fe03d1a22f98203afce6e09d425a0c29441d431eb853
e3ac786e449101a4a0bf73f13056c778b55ce9e2bb14483b83e44ba15520055f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
e8f1d27119c0bdd833d5d301179da883288e98a83fbc85c5c793dde5110fbc72
eb1bd595c36a9da5b069834dfccb512a186a280e1a9e4c14bb074d41fcf03707
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7060c72bdf7b14037505582fe710e1457b48805a4e1c0ee603426d58c61430f

hrhero.blr.com Open in urlscan Pro 64.207.100.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

34 %IPv6

28 Domains

37 Subdomains

32 IPs

7 Countries

894 kBTransfer

1690 kBSize

18 Cookies

13 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hrhero.blr.com Open in urlscan Pro
64.207.100.80 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

34 %
IPv6

28
Domains

37
Subdomains

32
IPs

7
Countries

894 kB
Transfer

1690 kB
Size

18
Cookies

74 HTTP transactions
0 data transactions