Report - txt.so/lxK7YZ

Report Overview

Submitted URL

txt.so/lxK7YZ
IP

209.104.192.225

ASN

#22418 COLOG
Submitted

2023-11-21T07:15:45Z

Access

public
Website Title

Online Ordering by Heartland | Restaurant
Final URL

pizzacodavison.hrpos.heartland.us/
Tags

microsoft phishing
urlquery detections

Phishing - Microsoft

Detections

urlquery

1
Network Intrusion Detection

0
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.e2m02.amazontrust.com (2)	unknown	2022-12-07 11:11:00	2023-11-20 03:06:01	680	1498	143.204.53.97
events.launchdarkly.com (2)	1653	2016-02-06 08:13:26	2023-11-20 02:10:23	1311	993	54.175.249.243
fonts.googleapis.com (3)	8877	2013-06-10 22:14:26	2023-11-21 06:47:28	1388	22269	142.250.74.106
apis.google.com (2)	105	2013-05-06 22:20:21	2023-11-21 05:10:25	988	119650	172.217.21.174
d3bsq3k61902i2.cloudfront.net (3)	unknown	2016-01-15 17:23:36	2023-08-03 13:44:14	1462	1963924	143.204.42.150
fonts.gstatic.com (1)	unknown	2014-09-09 02:40:21	2023-11-21 07:51:56	562	49265	216.58.207.227
token.monetary.co (1)	256593	2017-06-18 15:06:11	2023-08-03 13:43:45	421	1538	52.167.230.32
ocsp.entrust.net (1)	1208	2014-01-10 03:18:45	2023-11-21 05:15:04	330	1957	23.38.202.187
online.hrpos.heartland.us (1)	288501	2020-09-16 17:06:56	2023-08-03 13:43:48	570	545	143.204.55.70
clientstream.launchdarkly.com (1)	1222	2017-04-20 16:50:17	2023-11-20 01:53:08	601	549	0.0.0.0
pizzacodavison.hrpos.heartland.us (1)	unknown	2022-12-23 18:04:57	2023-05-24 19:16:39	492	3065	34.236.29.126
txt.so (1)	832932	2020-07-23 07:01:18	2023-11-20 06:12:48	469	280	209.104.192.225
maps.googleapis.com (4)	33876	2019-10-17 17:56:16	2023-11-21 06:27:50	1927	182338	142.250.74.106
ocsp.r2m03.amazontrust.com (2)	unknown	2023-02-21 01:06:24	2023-11-21 07:45:07	680	1726	143.204.53.97
app.launchdarkly.com (4)	1861	2015-06-15 07:36:08	2023-11-20 05:39:31	2624	5938	151.101.2.217
assets.hrpos.heartland.us (2)	251620	2020-09-16 17:06:53	2023-08-03 13:43:45	884	1218	143.204.55.106
api2.heartlandportico.com (1)	63269	2017-02-23 08:55:09	2023-11-13 11:47:54	468	32509	65.118.49.55

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

Pretty

URL

pizzacodavison.hrpos.heartland.us/
IP

34.236.29.126:443
ASN

#14618 AMAZON-AES

Introduced by

scriptElement
Inline HTML

true

Observations

First Seen2023-03-07 01:01:59

Last Seen2023-11-28 14:35:17

Times Seen31883476
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Pretty

URL

maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-21 08:15:49

Last Seen2023-11-21 08:15:50

Times Seen2
Hash

5740aa096e3ea6a74ca31e98d6856b0b

b426ef05637285e59bce590b126ab17294538198

fa1e26c01b6a145ce8a1fc0fe9177b4333a572517a7f37ffb796e7cc58dcffd4

Pretty

URL

token.monetary.co/v1/client
IP

52.167.230.32:443
ASN

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-21 08:15:49

Last Seen2023-11-21 08:15:50

Times Seen2
Hash

fecea4e46100947b5a6b81098ba403f5

db4379b2313f391cebce5b99949217a63492fa3d

8cd608d79ea0cadfb332df16ec714357fead20201fbd0ed67fd6be1f74bca17f

Pretty

URL

maps.googleapis.com/maps-api-v3/api/js/55/1/common.js
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-15 21:18:37

Last Seen2023-11-21 20:05:59

Times Seen1317
Hash

057bc607dd53dfac4696ca68febbddee

7fe64004565fe92c2f13e9ba35c0ebcf15f1213a

e8ea928121a40d22f6739ed2ad8509c4b710104483bddae0d5021fcdebb76295

Pretty

URL

apis.google.com/js/api:client.js
IP

172.217.21.174:443
ASN

#15169 GOOGLE

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-10-12 21:57:24

Last Seen2023-11-28 10:18:18

Times Seen183
Hash

fae9a4c8f89afe0734f8c33f1f5d27ff

6927bc0d1c23d683493778bea3aaa8f0e45a4867

ce98b1f7068fe4eb5d2cb975d6c80893bd441d13cbb25b28bf4ae4af1c6da73a

Pretty

URL

api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/globalpayments.js
IP

65.118.49.55:443
ASN

#16931 GLOBAL-PAYMENTS-1

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-21 08:15:49

Last Seen2023-11-21 08:15:50

Times Seen2
Hash

b1dcb2a17633c2e7eaab04e7d9e4f5b3

0e6133dc8deaa321c0a9e70579488db6f1e3a177

d9b81aa1fe82bf0b92980bfe359117e9a4c2cb5958fdc5b719c59c58bb1bceba

Pretty

URL

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP

172.217.21.174:443
ASN

#15169 GOOGLE

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-10-12 21:57:24

Last Seen2023-11-28 10:18:18

Times Seen973
Hash

74e2ed30b18badb8e2821b62f0dc86db

a44add961324d8d399de79e45524ffa019ffcd73

3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371

Pretty

URL

assets.hrpos.heartland.us/online/bundle.js
IP

143.204.55.106:443
ASN

#16509 AMAZON-02

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-21 08:15:50

Last Seen2023-11-21 08:15:50

Times Seen2
Hash

16ff1262fb3d94c4175d6537c3588bc9

29deeb39947eba2efde441d9706756ef4583763b

de02eff05cf060e015876da24db83a66d17e0a40ca9f9dddc8ff9cd44853c354

Pretty

URL

maps.googleapis.com/maps-api-v3/api/js/55/1/util.js
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Introduced by

scriptElement
Inline HTML

false

Observations

First Seen2023-11-15 21:18:37

Last Seen2023-11-21 20:06:00

Times Seen1325
Hash

4cf2bc2c81e11c62e82c708960c6aef8

7d8d66d88af80e050ae18d87b0876ab59f490dd9

740297dd144b71eedd45ab264a5a59e84096632d0870f0cf304d673e7bead73f

HTTP Transactions (32)

	URL	IP	Response	Size
	txt.so/lxK7YZ	209.104.192.225	301 Moved Permanently	0
Search urlquery URL txt.so/lxK7YZ DOMAIN txt.so FQDN txt.so IP 209.104.192.225 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN txt.so DOMAIN txt.so IP 209.104.192.225 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN txt.so DOMAIN txt.so IP 209.104.192.225 crt.sh FQDN txt.so DOMAIN txt.so Fingerprint 4A:8A:58:B8:AA:27:FA:27:F7:9B:DD:B1:11:FA:23:EE:AA:A7:A7:92 URL User Request GET HTTP/1.1 txt.so/lxK7YZ IP 209.104.192.225:443 ASN #22418 COLOG Certificate IssuerSectigo Limited Subjecttxt.ac Fingerprint4A:8A:58:B8:AA:27:FA:27:F7:9B:DD:B1:11:FA:23:EE:AA:A7:A7:92 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 21 Sep 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /lxK7YZ HTTP/1.1 Host: txt.so User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx/1.20.1 Date: Tue, 21 Nov 2023 07:15:24 GMT Content-Length: 0 Connection: keep-alive Location: https://pizzacodavison.hrpos.heartland.us Strict-Transport-Security: max-age=31536000 X-Request-ID: ba88898b4fb61736d17c944edcdfb067`

	apis.google.com/js/api:client.js	172.217.21.174	200 OK	7118
Search urlquery URL apis.google.com/js/api:client.js DOMAIN google.com FQDN apis.google.com IP 172.217.21.174 Hash fae9a4c8f89afe0734f8c33f1f5d27ff External sources Mnemonic PDNS FQDN apis.google.com DOMAIN google.com IP 172.217.21.174 VirusTotal HASH 6927bc0d1c23d683493778bea3aaa8f0e45a4867 FQDN apis.google.com DOMAIN google.com IP 172.217.21.174 crt.sh FQDN apis.google.com DOMAIN google.com Fingerprint 06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8 URL GET HTTP/2 apis.google.com/js/api:client.js IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com Fingerprint06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8 ValidityMon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT Magic ASCII text, with very long lines (2056) Size 7118 Hash fae9a4c8f89afe0734f8c33f1f5d27ff 6927bc0d1c23d683493778bea3aaa8f0e45a4867 ce98b1f7068fe4eb5d2cb975d6c80893bd441d13cbb25b28bf4ae4af1c6da73a HTTP Headers `GET /js/api:client.js HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript access-control-allow-origin: * content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="gapi-team" report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} timing-allow-origin: * p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-length: 7118 date: Tue, 21 Nov 2023 07:15:24 GMT expires: Tue, 21 Nov 2023 07:15:24 GMT cache-control: private, max-age=1800, stale-while-revalidate=1800 etag: "5eec3cbcf8fad04f" x-content-type-options: nosniff server: sffe x-xss-protection: 0 set-cookie: NID=511=k1KHwVTKE6XTrVsks4SXw5LJSOwsfq8RClB02aS0N5-ai42P3__Rz2Ai1uu1sirzUKZF5bJNEitRZl6Z76aMdCitfjrAOBSm6dxolkSmCOikSb8pyxmyGQB3AVwExFqbaxFw1WUEeca2UkSGnZWvOocQNMtVpcplFsw_A0FXDQs; expires=Wed, 22-May-2024 07:15:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry	142.250.74.106	200 OK	67667
Search urlquery URL maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry DOMAIN maps.googleapis.com FQDN maps.googleapis.com IP 142.250.74.106 Hash 5740aa096e3ea6a74ca31e98d6856b0b External sources Mnemonic PDNS FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 VirusTotal HASH b426ef05637285e59bce590b126ab17294538198 FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 crt.sh FQDN maps.googleapis.com DOMAIN maps.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text, with very long lines (2928) Size 67667 Hash 5740aa096e3ea6a74ca31e98d6856b0b b426ef05637285e59bce590b126ab17294538198 fa1e26c01b6a145ce8a1fc0fe9177b4333a572517a7f37ffb796e7cc58dcffd4 HTTP Headers `GET /maps/api/js?key=AIzaSyD__vJySms9a5ZBHfIE_lBEFNQo_JjHEaI&libraries=places,geometry HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin cache-control: public, max-age=1800 vary: Accept-Language, Origin, X-Origin, Referer timing-allow-origin: * content-encoding: gzip date: Tue, 21 Nov 2023 07:15:25 GMT server: scaffolding on HTTPServer2 content-length: 67667 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.r2m03.amazontrust.com/	143.204.53.97		471
Search urlquery URL ocsp.r2m03.amazontrust.com/ DOMAIN amazontrust.com FQDN ocsp.r2m03.amazontrust.com IP 143.204.53.97 Hash d7ca4caa9215e736f3a1137d94a2748f External sources Mnemonic PDNS FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 VirusTotal HASH 72491374c84bbf20377fa3dddaab77241d39bfe5 FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 crt.sh FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com URL ocsp.r2m03.amazontrust.com/ IP 143.204.53.97:0 ASN #16509 AMAZON-02 Magic data Size 471 Hash d7ca4caa9215e736f3a1137d94a2748f 72491374c84bbf20377fa3dddaab77241d39bfe5 a9ec434d621e34ee01f4aec4cdac8faff185e086a2528db381e4caf8a772a36f HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m03.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: max-age=7200 Date: Tue, 21 Nov 2023 07:15:25 GMT Server: ECAcc (amb/6AE8) X-Cache: Miss from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: CK6f6LwcV9PgLyvyQftFaNi5duGQdo6shKtf4aqZNmLdYqyueqMyQg==`

	token.monetary.co/v1/client	52.167.230.32	200 OK	1218
Search urlquery URL token.monetary.co/v1/client DOMAIN monetary.co FQDN token.monetary.co IP 52.167.230.32 Hash fecea4e46100947b5a6b81098ba403f5 External sources Mnemonic PDNS FQDN token.monetary.co DOMAIN monetary.co IP 52.167.230.32 VirusTotal HASH db4379b2313f391cebce5b99949217a63492fa3d FQDN token.monetary.co DOMAIN monetary.co IP 52.167.230.32 crt.sh FQDN token.monetary.co DOMAIN monetary.co Fingerprint A5:15:E8:1E:67:BB:91:9A:25:B8:93:1E:A3:3B:8F:96:CC:4F:14:87 URL GET HTTP/1.1 token.monetary.co/v1/client IP 52.167.230.32:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoDaddy.com, Inc. Subject.monetary.co FingerprintA5:15:E8:1E:67:BB:91:9A:25:B8:93:1E:A3:3B:8F:96:CC:4F:14:87 ValidityTue, 16 May 2023 07:00:46 GMT - Mon, 03 Jun 2024 17:27:32 GMT Magic ASCII text, with very long lines (2137), with no line terminators Size 1218 Hash fecea4e46100947b5a6b81098ba403f5 db4379b2313f391cebce5b99949217a63492fa3d 8cd608d79ea0cadfb332df16ec714357fead20201fbd0ed67fd6be1f74bca17f HTTP Headers `GET /v1/client HTTP/1.1 Host: token.monetary.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: no-store, must-revalidate, no-cache, max-age=0 Content-Type: application/javascript Content-Encoding: gzip Vary: Accept-Encoding Server: Microsoft-IIS/10.0 Request-Context: appId=cid-v1:6a90fbb4-274a-4ae1-adf2-e60a198542f2 Date: Tue, 21 Nov 2023 07:15:25 GMT Content-Length: 1218`

	ocsp.entrust.net/	23.38.202.187		1588
Search urlquery URL ocsp.entrust.net/ DOMAIN entrust.net FQDN ocsp.entrust.net IP 23.38.202.187 Hash d7c986b0d1d2500d7a46510917152b79 External sources Mnemonic PDNS FQDN ocsp.entrust.net DOMAIN entrust.net IP 23.38.202.187 VirusTotal HASH d7229f244ce5269a5a271b3f781f02a918b45295 FQDN ocsp.entrust.net DOMAIN entrust.net IP 23.38.202.187 crt.sh FQDN ocsp.entrust.net DOMAIN entrust.net URL ocsp.entrust.net/ IP 23.38.202.187:0 ASN #16625 AKAMAI-AS Magic data Size 1588 Hash d7c986b0d1d2500d7a46510917152b79 d7229f244ce5269a5a271b3f781f02a918b45295 df1c7e20b252ebf76f77ec497a9262be8923ac596bf6560edcb7639cf933bdaf HTTP Headers `POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "DF1C7E20B252EBF76F77EC497A9262BE8923AC596BF6560EDCB7639CF933BDAF" Last-Modified: Tue, 21 Nov 2023 01:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3585 Expires: Tue, 21 Nov 2023 08:15:10 GMT Date: Tue, 21 Nov 2023 07:15:25 GMT Connection: keep-alive`

	ocsp.r2m03.amazontrust.com/	143.204.53.97		471
Search urlquery URL ocsp.r2m03.amazontrust.com/ DOMAIN amazontrust.com FQDN ocsp.r2m03.amazontrust.com IP 143.204.53.97 Hash d7ca4caa9215e736f3a1137d94a2748f External sources Mnemonic PDNS FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 VirusTotal HASH 72491374c84bbf20377fa3dddaab77241d39bfe5 FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 crt.sh FQDN ocsp.r2m03.amazontrust.com DOMAIN amazontrust.com URL ocsp.r2m03.amazontrust.com/ IP 143.204.53.97:0 ASN #16509 AMAZON-02 Magic data Size 471 Hash d7ca4caa9215e736f3a1137d94a2748f 72491374c84bbf20377fa3dddaab77241d39bfe5 a9ec434d621e34ee01f4aec4cdac8faff185e086a2528db381e4caf8a772a36f HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m03.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: max-age=7200 Date: Tue, 21 Nov 2023 07:15:25 GMT Server: ECAcc (amb/6B43) X-Cache: Miss from cloudfront Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: rUuAI4EqJwlXwT3fS1kbiVM4dvgBmYwDc6OdPe1oE3rE5EaO8II1eg==`

	assets.hrpos.heartland.us/online/bundle.js	143.204.55.106	303 See Other	0
Search urlquery URL assets.hrpos.heartland.us/online/bundle.js DOMAIN heartland.us FQDN assets.hrpos.heartland.us IP 143.204.55.106 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN assets.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.106 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN assets.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.106 crt.sh FQDN assets.hrpos.heartland.us DOMAIN heartland.us Fingerprint 3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 URL GET HTTP/2 assets.hrpos.heartland.us/online/bundle.js IP 143.204.55.106:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.hrpos.heartland.us Fingerprint3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /online/bundle.js HTTP/1.1 Host: assets.hrpos.heartland.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 303 See Other content-type: application/json content-length: 0 location: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.16ff1262.js.gz date: Tue, 21 Nov 2023 07:15:25 GMT x-amzn-requestid: 7b4e4047-6084-40f8-bdb7-10b2d7b7aa45 x-amz-apigw-id: OvLaJE-poAMEOBw= x-amzn-trace-id: Root=1-655c590d-02b6b82f403444d74426379f;Sampled=0;lineage=d13d887c:0 x-cache: Miss from cloudfront via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: MpPY18bt4UOKr57qxpV87Qu9wZwU1zqtpyAfUnzH999LSaIkayemUg== X-Firefox-Spdy: h2

	api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/globalpayments.js	65.118.49.55	200 OK	32144
Search urlquery URL api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/globalpayments.js DOMAIN heartlandportico.com FQDN api2.heartlandportico.com IP 65.118.49.55 Hash b1dcb2a17633c2e7eaab04e7d9e4f5b3 External sources Mnemonic PDNS FQDN api2.heartlandportico.com DOMAIN heartlandportico.com IP 65.118.49.55 VirusTotal HASH 0e6133dc8deaa321c0a9e70579488db6f1e3a177 FQDN api2.heartlandportico.com DOMAIN heartlandportico.com IP 65.118.49.55 crt.sh FQDN api2.heartlandportico.com DOMAIN heartlandportico.com Fingerprint C4:C7:39:AB:E9:24:83:B0:07:2C:98:81:56:A8:D4:9A:29:40:C0:F3 URL GET HTTP/1.1 api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.3.0/globalpayments.js IP 65.118.49.55:443 ASN #16931 GLOBAL-PAYMENTS-1 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerEntrust, Inc. Subjectapi2.heartlandportico.com FingerprintC4:C7:39:AB:E9:24:83:B0:07:2C:98:81:56:A8:D4:9A:29:40:C0:F3 ValidityWed, 28 Jun 2023 12:56:47 GMT - Sun, 28 Jul 2024 12:56:46 GMT Magic ASCII text, with CRLF, LF line terminators Size 32144 Hash b1dcb2a17633c2e7eaab04e7d9e4f5b3 0e6133dc8deaa321c0a9e70579488db6f1e3a177 d9b81aa1fe82bf0b92980bfe359117e9a4c2cb5958fdc5b719c59c58bb1bceba HTTP Headers `GET /SecureSubmit.v1/token/gp-1.3.0/globalpayments.js HTTP/1.1 Host: api2.heartlandportico.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Mon, 31 Aug 2020 15:59:19 GMT Accept-Ranges: bytes ETag: "80a53cafaf7fd61:0" Vary: Accept-Encoding Server: X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; Date: Tue, 21 Nov 2023 07:15:25 GMT Content-Length: 32144`

	assets.hrpos.heartland.us/online/style.css	143.204.55.106	303 See Other	0
Search urlquery URL assets.hrpos.heartland.us/online/style.css DOMAIN heartland.us FQDN assets.hrpos.heartland.us IP 143.204.55.106 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN assets.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.106 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN assets.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.106 crt.sh FQDN assets.hrpos.heartland.us DOMAIN heartland.us Fingerprint 3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 URL GET HTTP/2 assets.hrpos.heartland.us/online/style.css IP 143.204.55.106:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.hrpos.heartland.us Fingerprint3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /online/style.css HTTP/1.1 Host: assets.hrpos.heartland.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 303 See Other content-type: application/json content-length: 0 location: https://d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.fafd4e69.css.gz date: Tue, 21 Nov 2023 07:15:25 GMT x-amzn-requestid: 3faa6e40-9c81-4885-ac92-649ee25d1f21 x-amz-apigw-id: OvLaMF9eoAMEDwg= x-amzn-trace-id: Root=1-655c590d-346fc8c236740898135e1b74;Sampled=0;lineage=d13d887c:0 x-cache: Miss from cloudfront via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 5tECPt9GviTs9M4407k7IB1UfYWJSUi58OAM5_x1IKcUkKmd9JCtEQ== X-Firefox-Spdy: h2

	d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.fafd4e69.css.gz	143.204.42.150	200 OK	14837
Search urlquery URL d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.fafd4e69.css.gz DOMAIN d3bsq3k61902i2.cloudfront.net FQDN d3bsq3k61902i2.cloudfront.net IP 143.204.42.150 Hash fafd4e691d05275829118916fd09ef6e External sources Mnemonic PDNS FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.150 VirusTotal HASH 468a33a6947fb85b6382f93c794c0c0b5e0085f0 FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.150 crt.sh FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 URL GET HTTP/1.1 d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/style.fafd4e69.css.gz IP 143.204.42.150:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT Magic ASCII text, with very long lines (65536), with no line terminators Size 14837 Hash fafd4e691d05275829118916fd09ef6e 468a33a6947fb85b6382f93c794c0c0b5e0085f0 e750591007aa392d2d2d2afb5eaa3f6916fa4964c7287399c6686f8fb13134b6 HTTP Headers `GET /apps/online-ordering/dist/assets/style.fafd4e69.css.gz HTTP/1.1 Host: d3bsq3k61902i2.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pizzacodavison.hrpos.heartland.us/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: text/css Content-Length: 14837 Connection: keep-alive Date: Mon, 06 Nov 2023 14:50:52 GMT Last-Modified: Fri, 03 Nov 2023 17:33:38 GMT ETag: "c105e5dff77badbee393ceeb851815f8" x-amz-server-side-encryption: AES256 Cache-Control: max-age=2419200 Content-Encoding: gzip Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Bhps60HROiVxMBMtCRKrGMooDYtGXKSHKosPC7vlVuqDivI6H0bRHQ== Age: 1268674

	fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	48432
Search urlquery URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 DOMAIN gstatic.com FQDN fonts.gstatic.com IP 216.58.207.227 Hash e2d74c5e631bc53a7240bbfe4be99c8f External sources Mnemonic PDNS FQDN fonts.gstatic.com DOMAIN gstatic.com IP 216.58.207.227 VirusTotal HASH eb513857bb01cc4f7249067fc7e969bef415fc90 FQDN fonts.gstatic.com DOMAIN gstatic.com IP 216.58.207.227 crt.sh FQDN fonts.gstatic.com DOMAIN gstatic.com Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data Size 48432 Hash e2d74c5e631bc53a7240bbfe4be99c8f eb513857bb01cc4f7249067fc7e969bef415fc90 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 HTTP Headers GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48432 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Nov 2023 05:00:58 GMT expires: Fri, 15 Nov 2024 05:00:58 GMT cache-control: public, max-age=31536000 last-modified: Thu, 14 Sep 2023 00:40:31 GMT content-type: font/woff2 age: 440067 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.16ff1262.js.gz	143.204.42.120	200 OK	1945484
Search urlquery URL d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.16ff1262.js.gz DOMAIN d3bsq3k61902i2.cloudfront.net FQDN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 Hash 16ff1262fb3d94c4175d6537c3588bc9 External sources Mnemonic PDNS FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 VirusTotal HASH 29deeb39947eba2efde441d9706756ef4583763b FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 crt.sh FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 URL GET HTTP/1.1 d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/assets/bundle.16ff1262.js.gz IP 143.204.42.120:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT Magic Unicode text, UTF-8 text, with very long lines (57338) Size 1945484 Hash 16ff1262fb3d94c4175d6537c3588bc9 29deeb39947eba2efde441d9706756ef4583763b de02eff05cf060e015876da24db83a66d17e0a40ca9f9dddc8ff9cd44853c354 HTTP Headers `GET /apps/online-ordering/dist/assets/bundle.16ff1262.js.gz HTTP/1.1 Host: d3bsq3k61902i2.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pizzacodavison.hrpos.heartland.us/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 1945484 Connection: keep-alive Date: Tue, 21 Nov 2023 07:15:26 GMT Last-Modified: Tue, 21 Nov 2023 07:14:11 GMT ETag: "4a250e8c7b5d93eb696a391231914e37" x-amz-server-side-encryption: AES256 Cache-Control: max-age=2419200 Content-Encoding: gzip Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 1CJhbjjGvSN00Q7DOUtgNYj-xqhz7iP_zzqX1UkWznEuh9Vl6I60qg==

	d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/img/hrpos/favicon.ico	143.204.42.120	200 OK	1995
Search urlquery URL d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/img/hrpos/favicon.ico DOMAIN d3bsq3k61902i2.cloudfront.net FQDN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 Hash 5cd95ccbfa35e882ce37757a8041ad21 External sources Mnemonic PDNS FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 VirusTotal HASH 3f08f429ec94a46f42ffb805fd938ca841dea1d7 FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net IP 143.204.42.120 crt.sh FQDN d3bsq3k61902i2.cloudfront.net DOMAIN d3bsq3k61902i2.cloudfront.net Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 URL GET HTTP/1.1 d3bsq3k61902i2.cloudfront.net/apps/online-ordering/dist/img/hrpos/favicon.ico IP 143.204.42.120:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT Magic PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 1995 Hash 5cd95ccbfa35e882ce37757a8041ad21 3f08f429ec94a46f42ffb805fd938ca841dea1d7 e822028f8dfa5313eff4bcd7a04da29671cd57c4d0430bc2f4beb33308085306 HTTP Headers `GET /apps/online-ordering/dist/img/hrpos/favicon.ico HTTP/1.1 Host: d3bsq3k61902i2.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 1995 Connection: keep-alive Date: Wed, 25 Oct 2023 10:58:20 GMT Last-Modified: Mon, 06 Apr 2020 18:27:33 GMT ETag: "5cd95ccbfa35e882ce37757a8041ad21" Cache-Control: max-age=2419200 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: dvwzahaC9d83yCuqwZq2nK7Xwj1QLikYrJDn-EqnjqwbRNxVebcZgg== Age: 2319428`

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs	172.217.21.174	200 OK	110396
Search urlquery URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs DOMAIN google.com FQDN apis.google.com IP 172.217.21.174 Hash 74e2ed30b18badb8e2821b62f0dc86db External sources Mnemonic PDNS FQDN apis.google.com DOMAIN google.com IP 172.217.21.174 VirusTotal HASH a44add961324d8d399de79e45524ffa019ffcd73 FQDN apis.google.com DOMAIN google.com IP 172.217.21.174 crt.sh FQDN apis.google.com DOMAIN google.com Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT Magic ASCII text, with very long lines (1505) Size 110396 Hash 74e2ed30b18badb8e2821b62f0dc86db a44add961324d8d399de79e45524ffa019ffcd73 3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371 HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 110396 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 14 Nov 2023 21:36:54 GMT expires: Wed, 13 Nov 2024 21:36:54 GMT cache-control: public, max-age=31536000 last-modified: Tue, 03 Oct 2023 15:22:58 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 553113 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true	216.58.207.202	200 OK	23
Search urlquery URL maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true DOMAIN maps.googleapis.com FQDN maps.googleapis.com IP 216.58.207.202 Hash 8a80554c91d9fca8acb82f023de02f11 External sources Mnemonic PDNS FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 216.58.207.202 VirusTotal HASH 5f36b2ea290645ee34d943220a14b54ee5ea5be5 FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 216.58.207.202 crt.sh FQDN maps.googleapis.com DOMAIN maps.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true IP 216.58.207.202:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic JSON data\012- , ASCII text Size 23 Hash 8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 HTTP Headers `GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/json; charset=UTF-8 vary: Origin, X-Origin, Referer content-encoding: gzip date: Tue, 21 Nov 2023 07:15:27 GMT server: scaffolding on HTTPServer2 cache-control: private content-length: 23 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://pizzacodavison.hrpos.heartland.us access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4	151.101.2.217	200 OK	23
Search urlquery URL app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4 DOMAIN launchdarkly.com FQDN app.launchdarkly.com IP 151.101.2.217 Hash f0d79988b7772c003d04a28bd7417a62 External sources Mnemonic PDNS FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 VirusTotal HASH 58423a999eec2997bcfffb247e9ecd3dfd0abf44 FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 crt.sh FQDN app.launchdarkly.com DOMAIN launchdarkly.com Fingerprint 74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 URL OPTIONS HTTP/2 app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4 IP 151.101.2.217:443 ASN #54113 FASTLY Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGlobalSign nv-sa Subjectapp.launchdarkly.com Fingerprint74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 ValiditySun, 02 Jul 2023 00:48:57 GMT - Fri, 02 Aug 2024 00:48:56 GMT Magic gzip compressed data\012- data Size 23 Hash f0d79988b7772c003d04a28bd7417a62 58423a999eec2997bcfffb247e9ecd3dfd0abf44 30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f HTTP Headers OPTIONS /sdk/goals/603e4b7ef4f58a0e5f2bffb4 HTTP/1.1 Host: app.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper Referer: https://pizzacodavison.hrpos.heartland.us/ Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods: GET, OPTIONS, HEAD access-control-allow-origin: * access-control-max-age: 3600 allow: GET, OPTIONS, HEAD content-encoding: gzip ld-region: us-east-1 strict-transport-security: max-age=31536000 accept-ranges: bytes date: Tue, 21 Nov 2023 07:15:28 GMT via: 1.1 varnish x-served-by: cache-bma1682-BMA x-cache: MISS x-cache-hits: 0 x-timer: S1700550928.340142,VS0,VE102 vary: Accept-Encoding age: 0 content-length: 23 X-Firefox-Spdy: h2

	app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9	151.101.2.217	200 OK	23
Search urlquery URL app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 DOMAIN launchdarkly.com FQDN app.launchdarkly.com IP 151.101.2.217 Hash f0d79988b7772c003d04a28bd7417a62 External sources Mnemonic PDNS FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 VirusTotal HASH 58423a999eec2997bcfffb247e9ecd3dfd0abf44 FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 crt.sh FQDN app.launchdarkly.com DOMAIN launchdarkly.com Fingerprint 74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 URL GET HTTP/2 app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 IP 151.101.2.217:443 ASN #54113 FASTLY Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGlobalSign nv-sa Subjectapp.launchdarkly.com Fingerprint74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 ValiditySun, 02 Jul 2023 00:48:57 GMT - Fri, 02 Aug 2024 00:48:56 GMT Magic gzip compressed data\012- data Size 23 Hash f0d79988b7772c003d04a28bd7417a62 58423a999eec2997bcfffb247e9ecd3dfd0abf44 30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f HTTP Headers OPTIONS /sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 HTTP/1.1 Host: app.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper Referer: https://pizzacodavison.hrpos.heartland.us/ Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods: GET, OPTIONS, HEAD access-control-allow-origin: * access-control-max-age: 3600 allow: GET, OPTIONS, HEAD content-encoding: gzip ld-region: us-east-1 strict-transport-security: max-age=31536000 accept-ranges: bytes date: Tue, 21 Nov 2023 07:15:28 GMT via: 1.1 varnish x-served-by: cache-bma1682-BMA x-cache: MISS x-cache-hits: 0 x-timer: S1700550928.344546,VS0,VE102 vary: Accept-Encoding age: 0 content-length: 23 X-Firefox-Spdy: h2

	app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4	151.101.2.217	200 OK	26
Search urlquery URL app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4 DOMAIN launchdarkly.com FQDN app.launchdarkly.com IP 151.101.2.217 Hash d751713988987e9331980363e24189ce External sources Mnemonic PDNS FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 VirusTotal HASH 97d170e1550eee4afc0af065b78cda302a97674c FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 crt.sh FQDN app.launchdarkly.com DOMAIN launchdarkly.com Fingerprint 74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 URL OPTIONS HTTP/2 app.launchdarkly.com/sdk/goals/603e4b7ef4f58a0e5f2bffb4 IP 151.101.2.217:443 ASN #54113 FASTLY Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGlobalSign nv-sa Subjectapp.launchdarkly.com Fingerprint74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 ValiditySun, 02 Jul 2023 00:48:57 GMT - Fri, 02 Aug 2024 00:48:56 GMT Magic JSON data\012- , ASCII text, with no line terminators Size 26 Hash d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 HTTP Headers GET /sdk/goals/603e4b7ef4f58a0e5f2bffb4 HTTP/1.1 Host: app.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-LaunchDarkly-User-Agent: JSClient/2.19.0 X-LaunchDarkly-Wrapper: react-client-sdk/2.22.0 Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: application/json access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods: GET, OPTIONS, HEAD access-control-allow-origin: * access-control-max-age: 300 cache-control: max-age=0 content-encoding: gzip content-md5: d751713988987e9331980363e24189ce etag: "d751713988987e9331980363e24189ce" ld-region: us-east-1 strict-transport-security: max-age=31536000 accept-ranges: bytes date: Tue, 21 Nov 2023 07:15:28 GMT via: 1.1 varnish x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 1 x-timer: S1700550928.452675,VS0,VE103 vary: Accept-Encoding age: 0 content-length: 26 X-Firefox-Spdy: h2

	ocsp.e2m02.amazontrust.com/	143.204.53.97		278
Search urlquery URL ocsp.e2m02.amazontrust.com/ DOMAIN amazontrust.com FQDN ocsp.e2m02.amazontrust.com IP 143.204.53.97 Hash d6d850c8e1c5c220fe81c34c55bcd0e0 External sources Mnemonic PDNS FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 VirusTotal HASH 20a0e8052d9fd189f03d1c14014ffb1f0783bcde FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 crt.sh FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com URL ocsp.e2m02.amazontrust.com/ IP 143.204.53.97:0 ASN #16509 AMAZON-02 Magic data Size 278 Hash d6d850c8e1c5c220fe81c34c55bcd0e0 20a0e8052d9fd189f03d1c14014ffb1f0783bcde 77fae4884d5567291761eca0dbfcc031cb70a4ea89f0a833b22bba7b8551f2a5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.e2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 278 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Tue, 21 Nov 2023 07:15:28 GMT Last-Modified: Tue, 21 Nov 2023 05:46:12 GMT Server: ECAcc (ska/F73C) X-Cache: Miss from cloudfront Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: c8OhdjbVRgXYkQqZg3I3MzSjKj18VtuFgENM5nu7BMZx_-3pp9ebXQ== Age: 5356`

	ocsp.e2m02.amazontrust.com/	143.204.53.97		278
Search urlquery URL ocsp.e2m02.amazontrust.com/ DOMAIN amazontrust.com FQDN ocsp.e2m02.amazontrust.com IP 143.204.53.97 Hash d6d850c8e1c5c220fe81c34c55bcd0e0 External sources Mnemonic PDNS FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 VirusTotal HASH 20a0e8052d9fd189f03d1c14014ffb1f0783bcde FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com IP 143.204.53.97 crt.sh FQDN ocsp.e2m02.amazontrust.com DOMAIN amazontrust.com URL ocsp.e2m02.amazontrust.com/ IP 143.204.53.97:0 ASN #16509 AMAZON-02 Magic data Size 278 Hash d6d850c8e1c5c220fe81c34c55bcd0e0 20a0e8052d9fd189f03d1c14014ffb1f0783bcde 77fae4884d5567291761eca0dbfcc031cb70a4ea89f0a833b22bba7b8551f2a5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.e2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 278 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Tue, 21 Nov 2023 07:15:28 GMT Last-Modified: Tue, 21 Nov 2023 05:46:03 GMT Server: ECAcc (ska/F757) X-Cache: Miss from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: hv5jL1Lm_wIzU6J0ljseUXuUFn9pGlXf1gdR8a7gkMiKWZMbYzSBsQ== Age: 5365`

	events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4	54.175.249.243	204 No Content	0
Search urlquery URL events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4 DOMAIN launchdarkly.com FQDN events.launchdarkly.com IP 54.175.249.243 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN events.launchdarkly.com DOMAIN launchdarkly.com IP 54.175.249.243 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN events.launchdarkly.com DOMAIN launchdarkly.com IP 54.175.249.243 crt.sh FQDN events.launchdarkly.com DOMAIN launchdarkly.com Fingerprint D6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF URL OPTIONS HTTP/2 events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4 IP 54.175.249.243:443 ASN #14618 AMAZON-AES Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subjectevents.launchdarkly.com FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /events/diagnostic/603e4b7ef4f58a0e5f2bffb4 HTTP/1.1 Host: events.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper Referer: https://pizzacodavison.hrpos.heartland.us/ Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 204 No Content date: Tue, 21 Nov 2023 07:15:28 GMT access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods: POST,OPTIONS access-control-allow-origin: * access-control-expose-headers: Date access-control-max-age: 300 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2`

	events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4	54.175.249.243	204 No Content	0
Search urlquery URL events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4 DOMAIN launchdarkly.com FQDN events.launchdarkly.com IP 54.175.249.243 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN events.launchdarkly.com DOMAIN launchdarkly.com IP 54.175.249.243 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN events.launchdarkly.com DOMAIN launchdarkly.com IP 54.175.249.243 crt.sh FQDN events.launchdarkly.com DOMAIN launchdarkly.com Fingerprint D6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF URL OPTIONS HTTP/2 events.launchdarkly.com/events/diagnostic/603e4b7ef4f58a0e5f2bffb4 IP 54.175.249.243:443 ASN #14618 AMAZON-AES Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subjectevents.launchdarkly.com FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /events/diagnostic/603e4b7ef4f58a0e5f2bffb4 HTTP/1.1 Host: events.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json X-LaunchDarkly-User-Agent: JSClient/2.19.0 X-LaunchDarkly-Wrapper: react-client-sdk/2.22.0 Content-Length: 831 Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 202 Accepted date: Tue, 21 Nov 2023 07:15:28 GMT content-type: application/json content-length: 0 access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods: POST,OPTIONS access-control-allow-origin: * access-control-expose-headers: Date access-control-max-age: 300 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2

	app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9	151.101.2.217	200 OK	2660
Search urlquery URL app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 DOMAIN launchdarkly.com FQDN app.launchdarkly.com IP 151.101.2.217 Hash 2cf2cd6cb5dd4f509f9bc42f70ed6fa5 External sources Mnemonic PDNS FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 VirusTotal HASH 80750f9468f172b8f085fb64bc267b477ec65e2c FQDN app.launchdarkly.com DOMAIN launchdarkly.com IP 151.101.2.217 crt.sh FQDN app.launchdarkly.com DOMAIN launchdarkly.com Fingerprint 74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 URL GET HTTP/2 app.launchdarkly.com/sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 IP 151.101.2.217:443 ASN #54113 FASTLY Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGlobalSign nv-sa Subjectapp.launchdarkly.com Fingerprint74:95:C3:69:77:9B:7F:46:5E:6C:F1:40:8A:FA:87:01:3B:0B:54:38 ValiditySun, 02 Jul 2023 00:48:57 GMT - Fri, 02 Aug 2024 00:48:56 GMT Magic JSON data\012- , ASCII text, with very long lines (19062), with no line terminators Size 2660 Hash 2cf2cd6cb5dd4f509f9bc42f70ed6fa5 80750f9468f172b8f085fb64bc267b477ec65e2c 7a273e247bfd50433804faeb5250d0474bc5c5130108f1baa0850a438bede2b0 HTTP Headers GET /sdk/evalx/603e4b7ef4f58a0e5f2bffb4/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 HTTP/1.1 Host: app.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-LaunchDarkly-User-Agent: JSClient/2.19.0 X-LaunchDarkly-Wrapper: react-client-sdk/2.22.0 Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: application/json cache-control: max-age=0 etag: "2546dbb" access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-methods: OPTIONS, GET access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version content-encoding: gzip accept-ranges: bytes date: Tue, 21 Nov 2023 07:15:29 GMT via: 1.1 varnish x-served-by: cache-bma1655-BMA, cache-bma1682-BMA x-cache: MISS x-cache-hits: 0 x-timer: S1700550928.484141,VS0,VE521 vary: Authorization, Accept-Encoding age: 0 content-length: 2660 X-Firefox-Spdy: h2

	online.hrpos.heartland.us/location	143.204.55.70	403 Forbidden	23
Search urlquery URL online.hrpos.heartland.us/location DOMAIN heartland.us FQDN online.hrpos.heartland.us IP 143.204.55.70 Hash bc45704aad57d445b6dfa58b101071e3 External sources Mnemonic PDNS FQDN online.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.70 VirusTotal HASH 6ea226ea9c42e1cc7e668b33bd7c6c0a5c205b0f FQDN online.hrpos.heartland.us DOMAIN heartland.us IP 143.204.55.70 crt.sh FQDN online.hrpos.heartland.us DOMAIN heartland.us Fingerprint 3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 URL OPTIONS HTTP/2 online.hrpos.heartland.us/location IP 143.204.55.70:443 ASN #16509 AMAZON-02 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subject.hrpos.heartland.us Fingerprint3F:3C:CE:CC:EF:43:86:0C:F6:89:C9:26:2E:1D:E0:E1:DB:08:03:C4 ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT Magic JSON data\012- , ASCII text, with no line terminators Size 23 Hash bc45704aad57d445b6dfa58b101071e3 6ea226ea9c42e1cc7e668b33bd7c6c0a5c205b0f 12a22880bc2e59f8278b4a5e547567f0aa14d020ea456598267fa00208cfebc5 HTTP Headers OPTIONS /location HTTP/1.1 Host: online.hrpos.heartland.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-locale Referer: https://pizzacodavison.hrpos.heartland.us/ Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 403 Forbidden content-type: application/json content-length: 23 date: Tue, 21 Nov 2023 07:15:29 GMT x-amzn-requestid: 07f0c342-7455-49be-a1b6-9e8bd4035a8d access-control-allow-origin: * access-control-allow-headers: * x-amzn-errortype: ForbiddenException x-amz-apigw-id: OvLawFEpoAMEevw= x-cache: Error from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: n_mP6_fEsVeDdbEtH7VdvK7CLzYJjG9ni0-qYtwIokKnb88c9xu1Jw== X-Firefox-Spdy: h2

	maps.googleapis.com/maps-api-v3/api/js/55/1/common.js	142.250.74.106	200 OK	56955
Search urlquery URL maps.googleapis.com/maps-api-v3/api/js/55/1/common.js DOMAIN maps.googleapis.com FQDN maps.googleapis.com IP 142.250.74.106 Hash 057bc607dd53dfac4696ca68febbddee External sources Mnemonic PDNS FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 VirusTotal HASH 7fe64004565fe92c2f13e9ba35c0ebcf15f1213a FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 crt.sh FQDN maps.googleapis.com DOMAIN maps.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/1/common.js IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text, with very long lines (5883) Size 56955 Hash 057bc607dd53dfac4696ca68febbddee 7fe64004565fe92c2f13e9ba35c0ebcf15f1213a e8ea928121a40d22f6739ed2ad8509c4b710104483bddae0d5021fcdebb76295 HTTP Headers `GET /maps-api-v3/api/js/55/1/common.js HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="maps-api-js" report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-length: 56955 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Nov 2023 21:48:47 GMT expires: Thu, 14 Nov 2024 21:48:47 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 19:21:59 GMT content-type: text/javascript vary: Accept-Encoding, Origin age: 466003 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	maps.googleapis.com/maps-api-v3/api/js/55/1/util.js	142.250.74.106	200 OK	55028
Search urlquery URL maps.googleapis.com/maps-api-v3/api/js/55/1/util.js DOMAIN maps.googleapis.com FQDN maps.googleapis.com IP 142.250.74.106 Hash 4cf2bc2c81e11c62e82c708960c6aef8 External sources Mnemonic PDNS FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 VirusTotal HASH 7d8d66d88af80e050ae18d87b0876ab59f490dd9 FQDN maps.googleapis.com DOMAIN maps.googleapis.com IP 142.250.74.106 crt.sh FQDN maps.googleapis.com DOMAIN maps.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/1/util.js IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text, with very long lines (562) Size 55028 Hash 4cf2bc2c81e11c62e82c708960c6aef8 7d8d66d88af80e050ae18d87b0876ab59f490dd9 740297dd144b71eedd45ab264a5a59e84096632d0870f0cf304d673e7bead73f HTTP Headers `GET /maps-api-v3/api/js/55/1/util.js HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="maps-api-js" report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-length: 55028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Nov 2023 21:48:41 GMT expires: Thu, 14 Nov 2024 21:48:41 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 19:21:59 GMT content-type: text/javascript vary: Accept-Encoding, Origin age: 466009 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	fonts.googleapis.com/icon?family=Inter:400,600,700,800	142.250.74.106	200 OK	8800
Search urlquery URL fonts.googleapis.com/icon?family=Inter:400,600,700,800 DOMAIN fonts.googleapis.com FQDN fonts.googleapis.com IP 142.250.74.106 Hash cf5acb2e78ab3841aaf4d9b8ffe079bc External sources Mnemonic PDNS FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 VirusTotal HASH 8648c5dc0faed998b5764e17ebe4d49f367a1e1c FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 crt.sh FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/2 fonts.googleapis.com/icon?family=Inter:400,600,700,800 IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text, with very long lines (9024), with no line terminators Size 8800 Hash cf5acb2e78ab3841aaf4d9b8ffe079bc 8648c5dc0faed998b5764e17ebe4d49f367a1e1c 61d3c551091eba863ab854fd20874715eda80326857c9329625642dcb76376ec HTTP Headers `GET /icon?family=Inter:400,600,700,800 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 21 Nov 2023 07:15:24 GMT date: Tue, 21 Nov 2023 07:15:24 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/icon?family=Material+Icons	142.250.74.106	200 OK	565
Search urlquery URL fonts.googleapis.com/icon?family=Material+Icons DOMAIN fonts.googleapis.com FQDN fonts.googleapis.com IP 142.250.74.106 Hash bdcf60bde5544e1017e1f2e60888a9c7 External sources Mnemonic PDNS FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 VirusTotal HASH 6fb24309b7ff90c1c99d19c0c7a127a16508840e FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 crt.sh FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text, with very long lines (588), with no line terminators Size 565 Hash bdcf60bde5544e1017e1f2e60888a9c7 6fb24309b7ff90c1c99d19c0c7a127a16508840e d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952 HTTP Headers `GET /icon?family=Material+Icons HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 21 Nov 2023 07:15:24 GMT date: Tue, 21 Nov 2023 07:15:24 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	clientstream.launchdarkly.com/eval/603e4b7ef4f58a0e5f2bffb4/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9	0.0.0.0		0
Search urlquery URL clientstream.launchdarkly.com/eval/603e4b7ef4f58a0e5f2bffb4/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 DOMAIN launchdarkly.com FQDN clientstream.launchdarkly.com IP 0.0.0.0 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN clientstream.launchdarkly.com DOMAIN launchdarkly.com IP 0.0.0.0 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN clientstream.launchdarkly.com DOMAIN launchdarkly.com IP 0.0.0.0 crt.sh FQDN clientstream.launchdarkly.com DOMAIN launchdarkly.com Fingerprint F2:89:08:7D:7F:36:9E:23:89:08:EA:54:96:96:6A:28:5F:54:7A:8D URL GET clientstream.launchdarkly.com/eval/603e4b7ef4f58a0e5f2bffb4/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 IP 0.0.0.0:0 ASN #0 Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerAmazon Subjectclientstream.launchdarkly.com FingerprintF2:89:08:7D:7F:36:9E:23:89:08:EA:54:96:96:6A:28:5F:54:7A:8D ValidityWed, 09 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /eval/603e4b7ef4f58a0e5f2bffb4/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImMwYTY3MGUwLTg4M2QtMTFlZS1hMWZhLTIxOWU0YmEwMmFiNCJ9 HTTP/1.1 Host: clientstream.launchdarkly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/event-stream Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pizzacodavison.hrpos.heartland.us DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 21 Nov 2023 07:15:29 GMT content-type: text/event-stream; charset=utf-8 accept-ranges: bytes access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper access-control-allow-methods: GET,OPTIONS access-control-allow-origin: * access-control-max-age: 300 cache-control: no-cache, no-store, must-revalidate ld-region: eu-west-1 strict-transport-security: max-age=31536000 x-content-length: X-Firefox-Spdy: h2

	pizzacodavison.hrpos.heartland.us/	34.236.29.126	200 OK	2022
Search urlquery URL pizzacodavison.hrpos.heartland.us/ DOMAIN heartland.us FQDN pizzacodavison.hrpos.heartland.us IP 34.236.29.126 Hash f4fa18415a8dcb25f8c605de5cc58607 External sources Mnemonic PDNS FQDN pizzacodavison.hrpos.heartland.us DOMAIN heartland.us IP 34.236.29.126 VirusTotal HASH 1f87f93161ccaaf62bb870298bde75af87a5b0c4 FQDN pizzacodavison.hrpos.heartland.us DOMAIN heartland.us IP 34.236.29.126 crt.sh FQDN pizzacodavison.hrpos.heartland.us DOMAIN heartland.us Fingerprint D2:5B:36:74:C2:9F:C1:9C:D0:C0:7B:99:B2:03:35:B7:A1:3E:AC:2C URL User Request GET HTTP/2 pizzacodavison.hrpos.heartland.us/ IP 34.236.29.126:443 ASN #14618 AMAZON-AES Certificate IssuerAmazon Subject.gpr.globalpaymentsinc.ca FingerprintD2:5B:36:74:C2:9F:C1:9C:D0:C0:7B:99:B2:03:35:B7:A1:3E:AC:2C ValidityMon, 02 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2256), with no line terminators Size 2022 Hash f4fa18415a8dcb25f8c605de5cc58607 1f87f93161ccaaf62bb870298bde75af87a5b0c4 d9350863a5807e5533e4de5a2467372db59506154b44dbf368b0b4692641edc2 HTTP Headers `GET / HTTP/1.1 Host: pizzacodavison.hrpos.heartland.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 21 Nov 2023 07:15:24 GMT content-type: text/html; charset=UTF-8 server: Apache/2.4.58 () OpenSSL/1.0.2k-fips strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-security-policy: default-src ; script-src 'unsafe-inline' 'unsafe-eval' 'self' d3bsq3k61902i2.cloudfront.net assets.hrpos.heartland.us .googleapis.com apis.google.com .googletagmanager.com .google-analytics.com .monetary.co .dcap.com api2.heartlandportico.com .facebook.net; style-src 'unsafe-inline' 'self' d3bsq3k61902i2.cloudfront.net assets.hrpos.heartland.us .googleapis.com; img-src 'self' d3bsq3k61902i2.cloudfront.net assets.hrpos.heartland.us .amazonaws.com .googleapis.com .gstatic.com .como.com .bcomo.com .google-analytics.com .facebook.com; frame-src 'self' .googletagmanager.com hps.github.io api2.heartlandportico.com .como.com *.comosense.com; font-src 'self' fonts.gstatic.com; object-src 'none' cache-control: max-age=0 expires: Tue, 21 Nov 2023 07:15:24 GMT X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:300,400,600,700	142.250.74.106	200 OK	11008
Search urlquery URL fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 DOMAIN fonts.googleapis.com FQDN fonts.googleapis.com IP 142.250.74.106 Hash 913a405cc0fe7aff9fdf74a52e76d9b5 External sources Mnemonic PDNS FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 VirusTotal HASH 15e43177f3e5d516836ff707568651bc09b6319d FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com IP 142.250.74.106 crt.sh FQDN fonts.googleapis.com DOMAIN fonts.googleapis.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pizzacodavison.hrpos.heartland.us/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT Magic ASCII text Size 11008 Hash 913a405cc0fe7aff9fdf74a52e76d9b5 15e43177f3e5d516836ff707568651bc09b6319d 575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65 HTTP Headers `GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pizzacodavison.hrpos.heartland.us/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 21 Nov 2023 07:15:24 GMT date: Tue, 21 Nov 2023 07:15:24 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

#1 JS:Script (size: 0)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 201491)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 2137)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 260077)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#5 JS:Script (size: 18386)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#6 JS:Script (size: 163140)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#7 JS:Script (size: 323424)

URL

IP

ASN

Introduced by