savor.hrpos.heartland.us Open in urlscan Pro
52.200.124.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://savor.hrpos.heartland.us/
Effective URL:
https://savor.hrpos.heartland.us/
Submission: On October 29 via manual (October 29th 2020, 8:37:43 pm UTC) from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 52.200.124.34, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is savor.hrpos.heartland.us.
TLS certificate: Issued by Amazon on February 4th 2020. Valid for: a year.

This is the only time savor.hrpos.heartland.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.200.124.34 52.200.124.34	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2 2	99.86.2.6 99.86.2.6	16509 (AMAZON-02) (AMAZON-02)
2	65.9.23.225 65.9.23.225	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	65.118.49.55 65.118.49.55	16931 (GLOBAL-PA...) (GLOBAL-PAYMENTS-1)
1	52.167.230.32 52.167.230.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.201.27 143.204.201.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
16	11

2 52.200.124.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-124-34.compute-1.amazonaws.com

savor.hrpos.heartland.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.2.6 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-6.fra6.r.cloudfront.net

assets.hrpos.heartland.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.23.225 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d3bsq3k61902i2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.118.49.55 (Prescott, United States)

ASN16931 (GLOBAL-PAYMENTS-1, US)

api2.heartlandportico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.167.230.32 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

token.monetary.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-27.fra53.r.cloudfront.net

online.hrpos.heartland.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleapis.com fonts.googleapis.com maps.googleapis.com	127 KB
5	heartland.us 3 redirects savor.hrpos.heartland.us assets.hrpos.heartland.us online.hrpos.heartland.us	3 KB
2	google.com apis.google.com	108 KB
2	cloudfront.net d3bsq3k61902i2.cloudfront.net	1022 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	monetary.co token.monetary.co	2 KB
1	heartlandportico.com api2.heartlandportico.com	32 KB
16	7

	Domain	Requested by
4	maps.googleapis.com	savor.hrpos.heartland.us maps.googleapis.com
2	apis.google.com	savor.hrpos.heartland.us apis.google.com
2	d3bsq3k61902i2.cloudfront.net	savor.hrpos.heartland.us
2	assets.hrpos.heartland.us	2 redirects
2	fonts.googleapis.com	savor.hrpos.heartland.us
2	savor.hrpos.heartland.us	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	online.hrpos.heartland.us	assets.hrpos.heartland.us
1	token.monetary.co	savor.hrpos.heartland.us
1	api2.heartlandportico.com	savor.hrpos.heartland.us
16	10

This site contains no links.

Subject Issuer	Validity	Valid
*.gpr.globalpaymentsinc.ca Amazon	`2020-02-04` - `2021-03-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
api2.heartlandportico.com Entrust Certification Authority - L1M	`2019-05-14` - `2021-07-31`	2 years	crt.sh
*.monetary.co Go Daddy Secure Certificate Authority - G2	`2019-07-02` - `2021-07-02`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://savor.hrpos.heartland.us/
Frame ID: 7EABAD640E1DE378E955E4696AAEDF01
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://savor.hrpos.heartland.us/ HTTP 301
https://savor.hrpos.heartland.us/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

16
Requests

94 %
HTTPS

45 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

1302 kB
Transfer

5150 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://savor.hrpos.heartland.us/ HTTP 301
https://savor.hrpos.heartland.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://assets.hrpos.heartland.us/online/style.css HTTP 303
https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.d46f90a8.css.gz

Request Chain 7

https://assets.hrpos.heartland.us/online/bundle.js HTTP 303
https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.ac048c32.js.gz

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
savor.hrpos.heartland.us/
Redirect Chain

http://savor.hrpos.heartland.us/
https://savor.hrpos.heartland.us/

2 KB
2 KB

336ms
121ms

Document
text/html

52.200.124.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savor.hrpos.heartland.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.124.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-124-34.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7c22aa4808e6323a23abed0085c3a4a9a8949feefe037c618d98c7a124837002

Request headers

:method: GET
:authority: savor.hrpos.heartland.us
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 20:37:25 GMT
content-type: text/html; charset=UTF-8
content-length: 1993
set-cookie: AWSALB=juZ1YiOxtzGg4BHwJ9U4g4YGj8m9jnJZb2BWLANnkkhNXyLJ9i0CAi5sdUU6zxk6n2EMN68ka+baUF0DsAEjV4eVqQwxlCXkvZaFYjO+I4/OChbu2h7P/h4uu2LE; Expires=Thu, 05 Nov 2020 20:37:25 GMT; Path=/ AWSALBCORS=juZ1YiOxtzGg4BHwJ9U4g4YGj8m9jnJZb2BWLANnkkhNXyLJ9i0CAi5sdUU6zxk6n2EMN68ka+baUF0DsAEjV4eVqQwxlCXkvZaFYjO+I4/OChbu2h7P/h4uu2LE; Expires=Thu, 05 Nov 2020 20:37:25 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=0
expires: Thu, 29 Oct 2020 20:37:25 GMT

Redirect headers

Server: awselb/2.0
Date: Thu, 29 Oct 2020 20:37:25 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://savor.hrpos.heartland.us:443/

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 20:37:25 GMT
server: ESF
date: Thu, 29 Oct 2020 20:37:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 20:37:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
869 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35901d308b760b474f8f7682022c55ef5ad97a8cf7cee503eefcb422023b705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 20:15:09 GMT
server: ESF
date: Thu, 29 Oct 2020 20:37:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 20:37:25 GMT

GET
H/1.1

200
OK

style.d46f90a8.css.gz
d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/
Redirect Chain

https://assets.hrpos.heartland.us/online/style.css
https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.d46f90a8.css.gz

88 KB
14 KB

155ms
49ms

Stylesheet
text/css

65.9.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.d46f90a8.css.gz
Requested by: Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.225 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8677105fdc391a3167302efb484b34401065d8f644b8b818deb82e8f5a30ada7

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 15:19:28 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 09 Oct 2020 17:44:30 GMT
Server: AmazonS3
Age: 1401479
ETag: "0e35423f8b2ba768cbffedfc5f0570d1"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 13949
X-Amz-Cf-Id: dmnvDMItO2jyx-P4BL5oAi44BULbNEzJVUwXqSjS_V_Z2UNPpZZzNQ==

Redirect headers

date: Thu, 29 Oct 2020 20:37:25 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: d2f44f29-0e71-41ab-9f27-e66342c7014b
status: 303
x-cache: Miss from cloudfront
content-type: application/json
location: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.d46f90a8.css.gz
x-amzn-trace-id: Root=1-5f9b2805-690d978010b4b332393d206e;Sampled=0
x-amz-apigw-id: VMMw7ECqIAMFv3w=
content-length: 0
x-amz-cf-id: 4-sHG3hfPQxjvXQgo8F3PudcoDP6AXmOMyBjddCl6AcrCU5vCf-TSw==

GET
H2 200 api:client.js Show response
apis.google.com/js/ 12 KB
6 KB 51ms
30ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b55a0438ea324dbc23f44a903b269dee786fd4ea04caa12003c34ce304ba81b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s6br6sNbeI0u/SIwZ4wFVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 20:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "1c693c2d76e987925393dd67866e565e"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-s6br6sNbeI0u/SIwZ4wFVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 29 Oct 2020 20:37:25 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 133 KB
43 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry

Requested by

Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

41f19eb41cc7a1c885b7121a26df586081fcee19cabfd72a8c77774dae6987bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 20:37:25 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=27
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44273
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:07:25 GMT

GET
H/1.1 200
OK globalpayments.js Show response
api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/ 159 KB
32 KB 513ms
128ms Script
application/javascript 65.118.49.55
GLOBAL-PAYMENTS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/globalpayments.js

Requested by

Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

65.118.49.55 Prescott, United States, ASN16931 (GLOBAL-PAYMENTS-1, US),

Reverse DNS

Software

Resource Hash

d9b81aa1fe82bf0b92980bfe359117e9a4c2cb5958fdc5b719c59c58bb1bceba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 31 Aug 2020 15:59:19 GMT
Server
ETag: "80a53cafaf7fd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Thu, 29 Oct 2020 20:37:25 GMT
Accept-Ranges: bytes
Content-Length: 32144

GET
H/1.1 200
OK client Show response
token.monetary.co/v1/ 2 KB
2 KB 482ms
107ms Script
application/javascript 52.167.230.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://token.monetary.co/v1/client
Requested by: Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.230.32 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8cd608d79ea0cadfb332df16ec714357fead20201fbd0ed67fd6be1f74bca17f

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 29 Oct 2020 20:37:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Length: 1218
Request-Context: appId=cid-v1:6a90fbb4-274a-4ae1-adf2-e60a198542f2

GET
H/1.1

200
OK

bundle.ac048c32.js.gz Show response
d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/
Redirect Chain

https://assets.hrpos.heartland.us/online/bundle.js
https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.ac048c32.js.gz

4 MB
1008 KB

153ms
50ms

Script
text/javascript

65.9.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.ac048c32.js.gz
Requested by: Host: savor.hrpos.heartland.us
URL: https://savor.hrpos.heartland.us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.225 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57cc33cc2fa213b44b0fb74f6d0a34c9af44d69b089fb9d29fd158dc3f264ad7

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 10:55:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 20 Oct 2020 08:12:32 GMT
Server: AmazonS3
Age: 812492
ETag: "73b450f6afd096afe2555d02a670e7a0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 b63f332297d95bccb0f4e41c4aef0ab1.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 1031585
X-Amz-Cf-Id: lLyKPd4CgI0rNDIECi4u97BYBKg2WoNnBxmEXvyi-zEyUe5Ohixkew==

Redirect headers

date: Thu, 29 Oct 2020 20:37:25 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 4c8a0c5d-29e5-4569-8c5a-3c849d2e4bec
status: 303
x-cache: Miss from cloudfront
content-type: application/json
location: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.ac048c32.js.gz
x-amzn-trace-id: Root=1-5f9b2805-321df780137a46ef5f4a8433;Sampled=0
x-amz-apigw-id: VMMw7GFroAMF-UA=
content-length: 0
x-amz-cf-id: LDuUYng1-0LBR4SuufR0pc4SCPz3bnix82nIVdP72nz9oU2j4dEC8g==

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 300 KB
103 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747cb8bd972894f12b09d183117fa495c82deb4ea0fa911718f83eff199a3f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 253344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104737
x-xss-protection: 0
expires: Tue, 26 Oct 2021 22:15:02 GMT

OPTIONS
H2 403 location
online.hrpos.heartland.us/ 0
0 372ms
299ms Other
application/json 143.204.201.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.hrpos.heartland.us/location
Protocol: H2
Server: 143.204.201.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-27.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://savor.hrpos.heartland.us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 403
content-type: application/json
content-length: 23
date: Thu, 29 Oct 2020 20:37:26 GMT
x-amzn-requestid: e45dba33-b9b8-4fed-945d-af76992ec07a
access-control-allow-origin: *
access-control-allow-headers: *
x-amzn-errortype: ForbiddenException
x-amz-apigw-id: VMMxFHn4IAMFVzw=
x-cache: Error from cloudfront
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: -twbxQgKS-2i0KFi0INvH6E_9QL7IPFtHnmUnElxqAgeazGydYMNvA==

POST location
online.hrpos.heartland.us/ 0
0

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savor.hrpos.heartland.us
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 119812
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:34 GMT

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 75 KB
28 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 19:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 264245
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28123
x-xss-protection: 0
expires: Tue, 26 Oct 2021 19:13:26 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 147 KB
54 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 18:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 8437
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55295
x-xss-protection: 0
expires: Fri, 29 Oct 2021 18:16:54 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
248 B 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsavor.hrpos.heartland.us%2F&4sAIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&callback=_xdc_._cl55w3&key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&token=128361

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

de44b6ac5f2615ef97ba00f88f0b6ad4422c33b3a4d47a6e19ce2bc998c028e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savor.hrpos.heartland.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 20:37:31 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=36
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.hrpos.heartland.us
URL: https://online.hrpos.heartland.us/location

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			savor.hrpos.heartland.us/	1970-01-19 13:43:28	Name: AWSALBCORS Value: juZ1YiOxtzGg4BHwJ9U4g4YGj8m9jnJZb2BWLANnkkhNXyLJ9i0CAi5sdUU6zxk6n2EMN68ka+baUF0DsAEjV4eVqQwxlCXkvZaFYjO+I4/OChbu2h7P/h4uu2LE
			savor.hrpos.heartland.us/	1970-01-19 13:43:28	Name: AWSALB Value: juZ1YiOxtzGg4BHwJ9U4g4YGj8m9jnJZb2BWLANnkkhNXyLJ9i0CAi5sdUU6zxk6n2EMN68ka+baUF0DsAEjV4eVqQwxlCXkvZaFYjO+I4/OChbu2h7P/h4uu2LE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://assets.hrpos.heartland.us/online/bundle.js(Line 2) Message: ALL COOKIES [object Object]
console-api	log	URL: https://assets.hrpos.heartland.us/online/bundle.js(Line 2) Message: refreshTokenFlow: Starting refreshTokenFlow

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.heartlandportico.com
apis.google.com
assets.hrpos.heartland.us
d3bsq3k61902i2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
online.hrpos.heartland.us
savor.hrpos.heartland.us
token.monetary.co
online.hrpos.heartland.us
143.204.201.27
2a00:1450:4001:801::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200a
52.167.230.32
52.200.124.34
65.118.49.55
65.9.23.225
99.86.2.6
35901d308b760b474f8f7682022c55ef5ad97a8cf7cee503eefcb422023b705a
3b55a0438ea324dbc23f44a903b269dee786fd4ea04caa12003c34ce304ba81b
41f19eb41cc7a1c885b7121a26df586081fcee19cabfd72a8c77774dae6987bf
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57cc33cc2fa213b44b0fb74f6d0a34c9af44d69b089fb9d29fd158dc3f264ad7
747cb8bd972894f12b09d183117fa495c82deb4ea0fa911718f83eff199a3f4e
7c22aa4808e6323a23abed0085c3a4a9a8949feefe037c618d98c7a124837002
8677105fdc391a3167302efb484b34401065d8f644b8b818deb82e8f5a30ada7
8cd608d79ea0cadfb332df16ec714357fead20201fbd0ed67fd6be1f74bca17f
a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61
bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e
d9b81aa1fe82bf0b92980bfe359117e9a4c2cb5958fdc5b719c59c58bb1bceba
de44b6ac5f2615ef97ba00f88f0b6ad4422c33b3a4d47a6e19ce2bc998c028e5
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

savor.hrpos.heartland.us Open in urlscan Pro 52.200.124.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

45 %IPv6

7 Domains

10 Subdomains

11 IPs

2 Countries

1302 kBTransfer

5150 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

savor.hrpos.heartland.us Open in urlscan Pro
52.200.124.34 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

45 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

1302 kB
Transfer

5150 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions