ebiz.payroll.org Open in urlscan Pro
2606:4700:20::681a:5e1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://community.payroll.org/profile?UserKey=61990060-8982-40d5-a942-018681daaf4e
Effective URL:
https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Submission: On May 04 via api (May 4th 2023, 6:09:56 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 139 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 30 domains to perform 126 HTTP transactions. The main IP is 2606:4700:20::681a:5e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is ebiz.payroll.org.
TLS certificate: Issued by GTS CA 1P5 on March 12th 2023. Valid for: 3 months.

This is the only time ebiz.payroll.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.193.4.92 34.193.4.92	14618 (AMAZON-AES) (AMAZON-AES)
1 23	2606:4700:20:... 2606:4700:20::681a:5e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	2606:4700:20:... 2606:4700:20::681a:a59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.223.62.122 52.223.62.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
17	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:a9c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 7	2600:9000:225... 2600:9000:225e:f400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.45 65.9.95.45	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:212... 2600:9000:2127:5c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	65.9.95.91 65.9.95.91	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:75be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:836e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:d2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:f0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:b7a:cdcb:b18e:304c	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f028:16:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
126	43

2 34.193.4.92 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-4-92.compute-1.amazonaws.com

community.payroll.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:20::681a:5e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ebiz.payroll.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.payroll.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:a59 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

www.americanpayroll.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.62.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: a55e6c97d227a2720.awsglobalaccelerator.com

dev.hawksearch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a9c0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:225e:f400:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-45.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:5c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-91.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:75be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:836e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:f0f (United States)

ASN13335 (CLOUDFLARENET, US)

516067.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:b7a:cdcb:b18e:304c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f028:16:face:b00c:0:3 (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	payroll.org 2 redirects community.payroll.org — Cisco Umbrella Rank: 640448 ebiz.payroll.org www.payroll.org	333 KB
20	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 10680 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 9650 track.hubspot.com — Cisco Umbrella Rank: 2158 forms.hubspot.com — Cisco Umbrella Rank: 4222	243 KB
12	googlesyndication.com f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	183 KB
8	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2409 d.adroll.com — Cisco Umbrella Rank: 1194	84 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	173 KB
5	hubspotusercontent-na1.net 516067.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 466171	114 KB
5	americanpayroll.org 5 redirects www.americanpayroll.org — Cisco Umbrella Rank: 326663	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 347 www.linkedin.com — Cisco Umbrella Rank: 594 px4.ads.linkedin.com — Cisco Umbrella Rank: 6148	3 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	282 KB
4	hawksearch.net dev.hawksearch.net — Cisco Umbrella Rank: 572239	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	156 KB
3	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 11177	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9108 www.google.de — Cisco Umbrella Rank: 6386	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 328	31 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 4764 use.fontawesome.com — Cisco Umbrella Rank: 850	538 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	216 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 830	757 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 638 script.hotjar.com — Cisco Umbrella Rank: 870	73 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	74 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3292	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2039	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2027	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4056	87 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2986	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 736	5 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 18880	7 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2253	1 KB
126	30

	Domain	Requested by
18	ebiz.payroll.org	1 redirects ebiz.payroll.org
8	track.hubspot.com
7	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com ebiz.payroll.org
6	cta-service-cms2.hubspot.com	js.hscta.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	ebiz.payroll.org securepubads.g.doubleclick.net community.payroll.org www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	516067.fs1.hubspotusercontent-na1.net	ebiz.payroll.org
5	no-cache.hubspot.com	ebiz.payroll.org
5	www.payroll.org	ebiz.payroll.org
5	www.americanpayroll.org	5 redirects
4	www.googletagmanager.com	ebiz.payroll.org www.googletagmanager.com js.hsadspixel.net
4	dev.hawksearch.net	ebiz.payroll.org dev.hawksearch.net
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	perf.hsforms.com	ebiz.payroll.org
3	www.google.com	ebiz.payroll.org tpc.googlesyndication.com
2	www.facebook.com
2	www.google.de	ebiz.payroll.org
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	www.googletagservices.com	www.americanpayroll.org securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	ebiz.payroll.org www.google-analytics.com
2	fonts.googleapis.com	ebiz.payroll.org
2	pro.fontawesome.com	ebiz.payroll.org pro.fontawesome.com
2	community.payroll.org	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.hubapi.com	js.hsadspixel.net
1	d.adroll.com	s.adroll.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	ebiz.payroll.org
1	www.linkedin.com	1 redirects
1	static.hotjar.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	snap.licdn.com	ebiz.payroll.org
1	f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ajax.googleapis.com	www.americanpayroll.org
1	js.hscta.net	ebiz.payroll.org
1	js.hs-scripts.com	ebiz.payroll.org
1	use.fontawesome.com	ebiz.payroll.org
126	48

This site contains links to these domains. Also see Links.

Domain
www.americanpayroll.org
payroll.org
bookshelf.americanpayroll.org
ebiz.americanpayroll.org
pages.americanpayroll.org
vc.learnpayroll.com
www.gpminstitute.com
www.nationalpayrollweek.com
www.apacongress.com
www.youtube.com
twitter.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
community.payroll.org R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
*.payroll.org GTS CA 1P5	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
hawksearch.net Amazon RSA 2048 M01	`2023-02-21` - `2023-12-23`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-11` - `2023-05-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Frame ID: FFBE639950ACE973F289E8B7D7CA19EC
Requests: 113 HTTP requests in this frame

Frame: https://f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B2C3EDF7C63AAFDDE24C82AF35E931C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0rlg08xIRpQG_ra4j7lAEaXGE2VEjsuDTroS9W5JsgpqM98B1CllcTpA6IlmrFke9m8nbw9GTVZcVLhbPak3cVOEfBNDbVyCOjIEAlN9ik_fCvg2hlC_btAmte69lOqBDPPE4z66oJ9hEGzu9w-qxK-wfLNAFecolQI2adz6NHtscEzBfYx4ZO1cs0TCUxe1x-z_iE0sLMCaZ53RihrNRkANJt0MPj6ryDmIU_-OFRzP4g0ewqiRul7Blu38CdyfGVJkSeFJ1RneqUp3Y8ZIrveL_hvcPNnDisWpSdCZ5J7bOwXfFS6GxEoTgS6990R56&sai=AMfl-YRu4GODvrmeH0fd1VularRQJ_fdRNaj9RHMJx9UZ_rDB518aXhuHwrkLGhX-fDnZ5U0ZJ8QBuLEkS3BcLpbdx57ZC9FD8e2u5GgamxR3Pe8CQYZJBsAf-GevV-nDK151qUpdGPoojx6j6oFBpvf&sig=Cg0ArKJSzHanjEM8g9QyEAE&uach_m=[UACH]&adurl=
Frame ID: 54EC84848CACE3DA2F31B4057CBB58DF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 98BF6ADCB5EB990B34C80C68500CE611
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBE8E50CF94A1F84669BD5798A232F95
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login youtubefacebooktwitterlinkedinsearchlockarrowclosearrow-rightarrow_backlockunlockcart

Page URL History Show full URLs

https://community.payroll.org/profile?UserKey=61990060-8982-40d5-a942-018681daaf4e HTTP 302
https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2... Page URL
https://ebiz.payroll.org/ebusiness/SAML/SSOService.aspx?saml=2&url=https%3a%2f%2fcommunity.payroll.or... HTTP 302
https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys= Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

93 %
HTTPS

89 %
IPv6

30
Domains

48
Subdomains

43
IPs

5
Countries

2545 kB
Transfer

7418 kB
Size

31
Cookies

139 Outgoing links

These are links going to different origins than the main page.

URL: https://www.americanpayroll.org/home?__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/career-advancement
Title: Careers

Search URL Search Domain Scan URL

URL: https://payroll.org/chapters
Title: Chapters

Search URL Search Domain Scan URL

URL: https://payroll.org/the-payroll-community
Title: Community

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/books-products/apa-bookshelf
Title: Bookshelf

Search URL Search Domain Scan URL

URL: https://payroll.org/directory-category
Title: Courses & Products

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance
Title: Compliance

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview
Title: Overview

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview/compliance-calendar
Title: Compliance Calendar

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview/hot-topics
Title: Hot Topics

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview/compliance-education
Title: Compliance Education

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview/annual-irs-annoucements
Title: Annual IRS & SSA Announcements

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-overview/state-unemployment-wage-bases
Title: State Unemployment Wage Bases

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/government-relations
Title: Government Relations

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/government-relations/issues
Title: Issues

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/government-relations/task-force
Title: Task Force

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/books-products
Title: Books & Products

Search URL Search Domain Scan URL

URL: http://bookshelf.americanpayroll.org/?__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Bookshelf

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/books-products/the-payroll-source
Title: The Payroll Source

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/books-products/apa-guide-to-state-payroll-laws
Title: Guide to State Payroll Laws

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/newsletters/payroll-currently-newletter
Title: Payroll Currently Newsletter

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/ProductCatalog/Product.aspx?ID=19&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: PayState Update Newsletter

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/newsletters/pay-news-now
Title: Pay News Now

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/compliance-updates
Title: Compliance Updates

Search URL Search Domain Scan URL

URL: https://pages.americanpayroll.org/cs/c/?cta_guid=785e56c9-e7b0-4fc6-98c9-b02acf6361e9&signature=AAH58kFGGYm3l_Cz_QGOETRhwR7VwoWT6Q&placement_guid=77b349d1-25d1-4d9a-9c4b-7dcb46b388f7&click=62acbaf4-2b6b-48fd-af17-8d6b7c97cb76&hsutk=7f98886cb11004084e9932fda99d74a2&canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&portal_id=516067&redirect_url=APefjpGpEZoLYzuhHS5hp2A3KNPC6sHGTotNMOyjSRsaROkLgefdqcsxWc0GVFlAt6PiKIVvp2__JQt96ipA_fzCxiCcdEYbQdixhZ3nti1Yk6rrDvrMT94gXuC-S-gpH_fMMHNMe8h1fGmSBIOK-G6ujpm4c9B0aa8RO0c0eOjuL_snhMdDv_NfVZuJ_2D8dJZ_Kqk0O1QctvIi3950IBNvZSB8VSMEp6okIWuqkxgEiO4xZPY97JZsV56jTpt74rWkAAOutQEVepVK4oPovIx52Yi9ur2_9g&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://payroll.org/membership
Title: Membership

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/about-apa
Title: About Us

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/about-apa/apa-hall-of-fame
Title: Hall of Fame

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/about-apa/committees
Title: Committees

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/all-member-benefits
Title: All Member Benefits

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/member-directory
Title: Member Directory

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/free-ebooks
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/free-webinars
Title: Free Webinars

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/ask-an-expert
Title: Ask an Expert

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/paytech-magazine-e-issues
Title: PAYTECH Magazine

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/payroll-currently-newsletter
Title: Payroll Currently Newsletter

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/join-a-committee
Title: Join a Committee

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/job-board
Title: Job Board

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/my-account
Title: My Account

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/my-apa-emails
Title: My Emails

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/education-grants
Title: Education Grants

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/faq
Title: Membership FAQ

Search URL Search Domain Scan URL

URL: https://pages.americanpayroll.org/cs/c/?cta_guid=91fa72b8-0545-401a-9d38-2c9d957eab61&signature=AAH58kGvjChv-chVZLB4ytwYrhxLGxuCiA&placement_guid=f4dae295-7514-4a75-bbe1-e651f9653545&click=c3aa03fe-d0b6-4da2-b47a-18ec7494ba93&hsutk=7f98886cb11004084e9932fda99d74a2&canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&portal_id=516067&redirect_url=APefjpEhwMZenAAJseiy4W9Q4ZVcPfAbtPjeVaQtXPKhnQDPGi9bwhafh2uyTKSbRXLQ1-pFJCCN8z-t2pRAkVg6R0H8bHrWtnICzyICPeP6l4FrgqnEtekdLr5tIRYZNj2YcsM8a3kOv6awTZDxfhaC8vIbm-FLFe0hRvL6x3q28yTWjSx_laQkhdNv_t-ciGR5nUA11RnJxYe4oGU5JhmWhUg-rk4lwK3tkKNBq0XZ7Fd3nlWP5bVI4Shs0j8WzWL92tSRrSXH&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification
Title: Education & Certification

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/education
Title: Education

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/education/overview
Title: Overview

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/education/schedule
Title: Schedule

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/education/learning-paths
Title: Learning Paths

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars
Title: Courses & Seminars

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars/payroll-education
Title: Payroll Education

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars/compliance-education
Title: Compliance Education

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars/preparing-for-year-end
Title: Preparing for Year-End

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars/global-payroll
Title: Global Payroll

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/courses-seminars/in-house-education
Title: In-House Education

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification
Title: Certification

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/overview
Title: Overview & Links

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/fundamental-payroll-certification-(fpc)
Title: Fundamental Payroll Certification (FPC)

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/certified-payroll-professional-(cpp)
Title: Certified Payroll Professional (CPP)

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/get-college-credits
Title: Get College Credits

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/certification-faq
Title: Certification FAQ

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/onvue
Title: Online Testing FAQ

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification
Title: Recertification

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification/overview
Title: Overview

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification/approved-provider-program
Title: Approved Provider Program

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification/chapter-rchs
Title: Chapter RCHs

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification/overview/recertification-guidelines
Title: Guidelines

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/recertification/recertification-log
Title: Recertification Log

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/certification/digital-badges
Title: Digital Badging

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/prepare-for-certification-exams
Title: Prepare for Certification Exams

Search URL Search Domain Scan URL

URL: https://payroll.org/product-finder/?it=product&topics=Fundamental-Payroll-Certification&delivery_methods=Classroom,Online-Self-Study,Publication,Virtual-Classroom,Webinar,Webinar-On-Demand
Title: Fundamental Payroll Certification (FPC)

Search URL Search Domain Scan URL

URL: https://payroll.org/product-finder/?it=product&topics=Certified-Payroll-Professional&delivery_methods=Books,Classroom,Online-Guided-Study,Publication,Virtual-Classroom,Webinar
Title: Certified Payroll Professional (CPP)

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/study-tools
Title: Study Tools

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/study-tools/the-payroll-source
Title: The Payroll Source

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/study-tools/payroll-practice-fundamentals
Title: Payroll Practice Fundamentals

Search URL Search Domain Scan URL

URL: http://vc.learnpayroll.com/paytrain/
Title: PayTrain eLearning

Search URL Search Domain Scan URL

URL: https://payroll.org/product-finder
Title: Product Finder

Search URL Search Domain Scan URL

URL: https://payroll.org/education-certification/educational-toolkit
Title: Courses & Products

Search URL Search Domain Scan URL

URL: https://pages.americanpayroll.org/cs/c/?cta_guid=6f508493-c525-419e-b7e2-20e64a92eaf4&signature=AAH58kF6_ztrvbSXvg2jeyxElc6ynzbwyQ&placement_guid=caa08eff-a7cd-41da-a22d-03989a05e86c&click=00102b56-27bd-434d-99d6-e23f7109bfd9&hsutk=7f98886cb11004084e9932fda99d74a2&canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&portal_id=516067&redirect_url=APefjpEjb4UHRzVAMZXvyr71Z9E1Sg6qjUWMTgUC9F5IcRj2MpA5WJi_nctv1a2d3zbJ1YhHx9KB7vbiWhhnCjfoIsHkdzL3bD-Rfm_H9mQnRWf1TRFTBXvorQxY4nPj1urtXs114rOIq2Wr_IhfquC9VU4BCPzVSfTaMWUvn9Nyhm3sRWJC7IHJG1PGivxYiItY-IdqKmMXR5ntv4RepE9ZRBKdVvYedn9h2S7U2kXKOiLSHaBQd1lp78DcFm7ErjXzYlZ3u0wrfQmcugcsl870P8HIPLy0lm0IemwDqddrTsB2NNjFo6U&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences
Title: Conferences

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/congress
Title: Payroll Congress

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/congress/registration
Title: Registration

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/conferences/capital-summit/Session-Timeline?cID=7339&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Workshops

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/Education/ViewCourse.aspx?CourseID=4&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Educational Institutions Payroll Conference

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/eipc/registration
Title: Registration

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/Education/ViewCourse.aspx?CourseID=2&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Capital Summit

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/capital-summit/registration
Title: Registration

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/capital-summit/workshops
Title: Workshops

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/Education/ViewCourse.aspx?CourseID=87&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Payroll Leaders Conference

Search URL Search Domain Scan URL

URL: https://ebiz.americanpayroll.org/ebusiness/Education/ViewCourse.aspx?CourseID=87&View=Schedule&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Registration

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/virtual-congress
Title: Virtual Congress

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/virtual-congress/register
Title: Registration

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/payroll-solutions-showcase
Title: Payroll Solutions Showcase

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/payroll-solutions-showcase/registration
Title: Registration

Search URL Search Domain Scan URL

URL: https://pages.americanpayroll.org/cs/c/?cta_guid=40249a50-1ddd-47c1-aacc-872d2b371d38&signature=AAH58kH5Gh3vjCb0jiH6sNVInkaloMnJOA&placement_guid=38c05ffd-6bca-4b9e-ac2b-ff854f9c37fe&click=c5da1d75-a456-4589-9bf7-2c919ccd8e93&hsutk=7f98886cb11004084e9932fda99d74a2&canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&portal_id=516067&redirect_url=APefjpHMiVKUrCF-blOTOEidGRgOUuhLUFjAhH7KmeFaZgtMpTfiPX9-B42SbqU3KYutNoqK_61anZFoBwNPhsJHdTtxglfTlcemMME0vpmtBkjHIXJ6fTXE0qOlIC05gAv-YRcLZX1awbMVkZkX9qHWW5CCLXkljuhnqb3AeJvdkwX29vgu8oxoxKCEMOYq0lA4Aya23ZJ7xjTnFBOUSwlgSVKQdqhqgdH-hvZulZ6iKySoJ2zGSGY&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources
Title: News & Resources

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news
Title: APA News

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news/chapter-news
Title: Chapter News

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news/federal-news
Title: Federal News

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news/inside-apa
Title: Inside APA

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news/state-local-news
Title: State & Local News

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-news/industry-news
Title: Industry News

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/career-advancement
Title: Career Advancement

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/job-board
Title: Job Board

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/resource-library
Title: Resource Library

Search URL Search Domain Scan URL

URL: http://www.gpminstitute.com/
Title: Global Payroll Management Institute

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/visa-paycard-portal
Title: Paycard Portal

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/books-products
Title: Books & Products

Search URL Search Domain Scan URL

URL: https://bookshelf.americanpayroll.org/?__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Bookshelf

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/books-products/the-payroll-source
Title: The Payroll Source

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/books-products/apa-guide-to-state-payroll-laws
Title: Guide to State Payroll Laws

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/newsletters/payroll-currently-newsletter
Title: Payroll Currently Newsletter

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/newsletters/pay-news-now
Title: Pay News Now

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/advertising-sponsorships
Title: Advertising & Sponsorships

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/vendor-resources/buyers-guides
Title: Buyer's Guides and Listings

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/vendor-resources/annual-vendor-listings
Title: Vendor Directory

Search URL Search Domain Scan URL

URL: http://www.nationalpayrollweek.com/
Title: National Payroll Week

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/compliance-tv
Title: Compliance TV

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/paytalk
Title: PayTalk Podcast

Search URL Search Domain Scan URL

URL: https://payroll.org/news-resources/apa-merchandise
Title: Merchandise

Search URL Search Domain Scan URL

URL: https://payroll.org/health-and-safety
Title: Health and Safety

Search URL Search Domain Scan URL

URL: https://pages.americanpayroll.org/cs/c/?cta_guid=a82cdc8b-8338-4740-91e1-32607c006bf7&signature=AAH58kEHKsKxkldETKocOkYjjscT4qzDOQ&placement_guid=a923c94a-43b1-41c2-933c-8029e7918c3d&click=3827e36a-3206-47cc-862e-57db90c2b123&hsutk=7f98886cb11004084e9932fda99d74a2&canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&portal_id=516067&redirect_url=APefjpHtorXT37Ok6uOk58aU--MVZdDgD9RoA_xIPYQs0NPSyzFlQxs_I41B8p9Ts6EfqZAE0ZIhjD0kQc9Td1ZT8yt6zrtapWvGjLTYCb-ybXZFRKbmEIFh5U1AhoZA4JLiVB3q9yu_ASS1r3tx0EcDCJv8X5Zcu4neL3wgoJYmFv86lK3VfZd6R8YObj1zewijKOhzk2_Jh5m_2uHOOgKss-NL6n1tTeOLYiWpT0OhHzY-2amji-Y5m0HCm5rgDHVbSgoQyQe4RMMNKibb4yVjMnnrVpkbog&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040

Search URL Search Domain Scan URL

URL: https://www.americanpayroll.org/?__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&__hsfp=609496040
Title: Home

Search URL Search Domain Scan URL

URL: https://payroll.org/compliance/faq
Title: Compliance FAQ

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/online-hotline
Title: Hotline Referral Service

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/listserv
Title: ListServ

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/apa-member-logo
Title: APA Member Logo

Search URL Search Domain Scan URL

URL: https://payroll.org/membership/apa-extras
Title: APA Extras

Search URL Search Domain Scan URL

URL: http://www.apacongress.com/
Title: Congress

Search URL Search Domain Scan URL

URL: https://payroll.org/conferences/payroll-leaders-conference
Title: Payroll Leaders Conference

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PayNewsNetwork

Search URL Search Domain Scan URL

URL: https://twitter.com/PayNews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/110709/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanPayrollAssociation/

Search URL Search Domain Scan URL

URL: https://payroll.org/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://payroll.org/site-map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://payroll.org/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://payroll.org/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://community.payroll.org/profile?UserKey=61990060-8982-40d5-a942-018681daaf4e HTTP 302
https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e Page URL
https://ebiz.payroll.org/ebusiness/SAML/SSOService.aspx?saml=2&url=https%3a%2f%2fcommunity.payroll.org%2fhigherlogic%2fsecurity%2fsaml%2flocalassertionconsumerservice.aspx&relaystate=fda030dc-b3cb-489c-b9e2-90f431d0a9d7&binding=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3abindings%3aHTTP-POST HTTP 302
https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://community.payroll.org/profile?UserKey=61990060-8982-40d5-a942-018681daaf4e HTTP 302
https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e

Request Chain 2

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon HTTP 301
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon

Request Chain 3

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon HTTP 301
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon

Request Chain 10

https://www.americanpayroll.org/ScriptResource.axd?d=QALQaLaHh3ndlNJTMY4m2ZeANOhKu5Zsc_RrFXC8_3HfCZbh3mkcPmPJXuev30ecOSmbwMyWVw9mFNx5huPxzBwD2ZKt2gG8JEDBygmhx2QKX7ODhOp_Nlu0PtkgyaY5yEivQ3un1KaGnZZF8FayXRa0tj6QROxcTJXfCD-URiJr2YNIIV4RdMaknGT9Xxcb5C2YomLfcr6SqtbGrL8ImQ2&t=ffffffffec55864a HTTP 301
https://www.payroll.org/ScriptResource.axd?d=QALQaLaHh3ndlNJTMY4m2ZeANOhKu5Zsc_RrFXC8_3HfCZbh3mkcPmPJXuev30ecOSmbwMyWVw9mFNx5huPxzBwD2ZKt2gG8JEDBygmhx2QKX7ODhOp_Nlu0PtkgyaY5yEivQ3un1KaGnZZF8FayXRa0tj6QROxcTJXfCD-URiJr2YNIIV4RdMaknGT9Xxcb5C2YomLfcr6SqtbGrL8ImQ2&t=ffffffffec55864a HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/ScriptResource.axd HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

Request Chain 11

https://www.americanpayroll.org/ScriptResource.axd?d=YjL_qd4_7_rUU-y2Y9B2SvMq5GdRQYwZ05lSKo9M5FVtsIegpP4fzCs-6FswJr3F-icGyUYQEazDTGtATpMVtrh26OKsX2mqpXoPVFPukJHA9PAI5kdv5nznhxMUQ2qcfpc59eNX4GkO8X6bGBmfZIHzpkaDQfa0ABVpLEe80GrZgm7FT9XDIHh---kwa2q9JJ_50zngIa37uZ3ct0XolQ2&t=ffffffffec55864a HTTP 301
https://www.payroll.org/ScriptResource.axd?d=YjL_qd4_7_rUU-y2Y9B2SvMq5GdRQYwZ05lSKo9M5FVtsIegpP4fzCs-6FswJr3F-icGyUYQEazDTGtATpMVtrh26OKsX2mqpXoPVFPukJHA9PAI5kdv5nznhxMUQ2qcfpc59eNX4GkO8X6bGBmfZIHzpkaDQfa0ABVpLEe80GrZgm7FT9XDIHh---kwa2q9JJ_50zngIa37uZ3ct0XolQ2&t=ffffffffec55864a HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/ScriptResource.axd HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx HTTP 302
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

Request Chain 32

https://www.americanpayroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon HTTP 301
https://www.payroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon

Request Chain 34

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon HTTP 301
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon

Request Chain 35

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon HTTP 301
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon

Request Chain 66

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3225460%26time%3D1683223791061%26url%3Dhttps%253A%252F%252Febiz.payroll.org%252Febusiness%252Flogin.aspx%253FReturnURL%253DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&liSync=true&e_ipv6=AQL1jlKxSIyWUQAAAYfn9Mfk6fzY45LM5fzIaUBbMANBQdgLOxSPdVpoBSpi2qBF

Request Chain 73

https://s.adroll.com/j/pre/OBOESQZEFVBTXLEGXYYAEP/KGMO6US5ZRGVTOLE5XFT2G/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

localSAMLLoginService.aspx Show response
community.payroll.org/HigherLogic/Security/SAML/
Redirect Chain

https://community.payroll.org/profile?UserKey=61990060-8982-40d5-a942-018681daaf4e
https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e

5 KB
8 KB

188ms
188ms

Document
text/html

34.193.4.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.193.4.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-4-92.compute-1.amazonaws.com

Software

Resource Hash

a3ea686ef650ee2a9a7b9ccb29bb86a633d39e94a6d3e471ce72f1df190cf52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy-report-only: img-src https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://cdn.jsdelivr.net/jquery.slick/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://img.youtube.com/vi/ https://d2x5ku95bkycr3.cloudfront.net https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://d132x6oi8ychic.cloudfront.net 'self' https://pagead2.googlesyndication.com/pagead/sodar https://pagead2.googlesyndication.com/pagead/ https://tpc.googlesyndication.com/simgad/ data:; style-src https://d132x6oi8ychic.cloudfront.net 'unsafe-inline' higherlogiccloudfront.s3.amazonaws.com https://cdn.jsdelivr.net/jquery.slick/ https://cdnjs.cloudflare.com/ajax/libs/prism/ https://d2x5ku95bkycr3.cloudfront.net/ https://ajax.googleapis.com/ajax/libs/jqueryui/ https://use.fortawesome.com/ fonts.googleapis.com https://fonts.googleapis.com/ https://d3uf7shreuzboy.cloudfront.net/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self'; font-src https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://cdn.jsdelivr.net/jquery.slick/ higherlogiccloudfront.s3.amazonaws.com fonts.googleapis.com https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self' https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://d2x5ku95bkycr3.cloudfront.net https://d132x6oi8ychic.cloudfront.net data:; media-src https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicstream.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self' https://d132x6oi8ychic.cloudfront.net; script-src https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://ajax.aspnetcdn.com/ajax/ https://cdn.jsdelivr.net/jquery.slick/ https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery-ui.1.10.1-patched-2022-08-16.js https://d132x6oi8ychic.cloudfront.net cdn.informz.net 'unsafe-eval' https://use.fortawesome.com/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://cdnjs.cloudflare.com/ajax/libs/prism/ 'unsafe-inline' https://d2x5ku95bkycr3.cloudfront.net/ higherlogiccloudfront.s3.amazonaws.com https://static.filestackapi.com https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery.1.10.2-patched-2022-08-16.js https://d3uf7shreuzboy.cloudfront.net/ 'self'; script-src-elem https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery-ui.1.10.1-patched-2022-08-16.js https://d3uf7shreuzboy.cloudfront.net/ https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery.1.10.2-patched-2022-08-16.js https://d2x5ku95bkycr3.cloudfront.net/ https://cdnjs.cloudflare.com/ajax/libs/prism/ https://static.filestackapi.com/filestack-js/ 'self' https://ajax.aspnetcdn.com/ajax/ 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com/gtm.js https://securepubads.g.doubleclick.net/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js https://adservice.google.com/adsid/integrator.js https://tpc.googlesyndication.com/sodar/sodar2.js https://securepubads.g.doubleclick.net/gpt/ https://www.googletagservices.com/activeview/js/current/rx_lidar.js; worker-src 'self'; frame-src https://api.connectedcommunity.org/ 'self' https://www.youtube.com/embed/ https://6a22c86b35fefbd813a622e22c4f95e0.safeframe.googlesyndication.com/ https://tpc.googlesyndication.com/ https://www.google.com/ https://aaf2d64cdd49bb0780db74e011583fa8.safeframe.googlesyndication.com/ https://dc9099350227627fe8e068c5fed24f19.safeframe.googlesyndication.com/ https://*.safeframe.googlesyndication.com/; default-src 'self'; base-uri 'self'; connect-src 'self' hl-managedservices.informz.net https://securepubads.g.doubleclick.net/pagead/ppub_config https://pagead2.googlesyndication.com/getconfig/sodar https://securepubads.g.doubleclick.net/gampad/ads https://securepubads.g.doubleclick.net/pcs/view https://pagead2.googlesyndication.com/pcs/activeview; frame-ancestors https://*.connectedcommunity.org/ 'self'; object-src 'none'; manifest-src 'self';
content-type: text/html
date: Thu, 04 May 2023 18:09:46 GMT
p3p: CP="IDC DSP COR CUR ADMo OUR IND PHY ONL COM STA"
server
transfer-encoding: chunked
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 275
content-security-policy-report-only: img-src https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://cdn.jsdelivr.net/jquery.slick/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://img.youtube.com/vi/ https://d2x5ku95bkycr3.cloudfront.net https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://d132x6oi8ychic.cloudfront.net 'self' https://pagead2.googlesyndication.com/pagead/sodar https://pagead2.googlesyndication.com/pagead/ https://tpc.googlesyndication.com/simgad/ data:; style-src https://d132x6oi8ychic.cloudfront.net 'unsafe-inline' higherlogiccloudfront.s3.amazonaws.com https://cdn.jsdelivr.net/jquery.slick/ https://cdnjs.cloudflare.com/ajax/libs/prism/ https://d2x5ku95bkycr3.cloudfront.net/ https://ajax.googleapis.com/ajax/libs/jqueryui/ https://use.fortawesome.com/ fonts.googleapis.com https://fonts.googleapis.com/ https://d3uf7shreuzboy.cloudfront.net/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self'; font-src https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://cdn.jsdelivr.net/jquery.slick/ higherlogiccloudfront.s3.amazonaws.com fonts.googleapis.com https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self' https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://d2x5ku95bkycr3.cloudfront.net https://d132x6oi8ychic.cloudfront.net data:; media-src https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicstream.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ 'self' https://d132x6oi8ychic.cloudfront.net; script-src https://higherlogiclongterm.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://higherlogicdownload.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://ajax.aspnetcdn.com/ajax/ https://cdn.jsdelivr.net/jquery.slick/ https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery-ui.1.10.1-patched-2022-08-16.js https://d132x6oi8ychic.cloudfront.net cdn.informz.net 'unsafe-eval' https://use.fortawesome.com/ https://higherlogic-holdingpen-us-east-1.s3.amazonaws.com/AMERICANPAYROLLASSOCIATION/ https://cdnjs.cloudflare.com/ajax/libs/prism/ 'unsafe-inline' https://d2x5ku95bkycr3.cloudfront.net/ higherlogiccloudfront.s3.amazonaws.com https://static.filestackapi.com https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery.1.10.2-patched-2022-08-16.js https://d3uf7shreuzboy.cloudfront.net/ 'self'; script-src-elem https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery-ui.1.10.1-patched-2022-08-16.js https://d3uf7shreuzboy.cloudfront.net/ https://d3gliviwslgzfo.cloudfront.net/WebRoot/stable/Bundles/jQuery.1.10.2-patched-2022-08-16.js https://d2x5ku95bkycr3.cloudfront.net/ https://cdnjs.cloudflare.com/ajax/libs/prism/ https://static.filestackapi.com/filestack-js/ 'self' https://ajax.aspnetcdn.com/ajax/ 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com/gtm.js https://securepubads.g.doubleclick.net/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js https://adservice.google.com/adsid/integrator.js https://tpc.googlesyndication.com/sodar/sodar2.js https://securepubads.g.doubleclick.net/gpt/ https://www.googletagservices.com/activeview/js/current/rx_lidar.js; worker-src 'self'; frame-src https://api.connectedcommunity.org/ 'self' https://www.youtube.com/embed/ https://6a22c86b35fefbd813a622e22c4f95e0.safeframe.googlesyndication.com/ https://tpc.googlesyndication.com/ https://www.google.com/ https://aaf2d64cdd49bb0780db74e011583fa8.safeframe.googlesyndication.com/ https://dc9099350227627fe8e068c5fed24f19.safeframe.googlesyndication.com/ https://*.safeframe.googlesyndication.com/; default-src 'self'; base-uri 'self'; connect-src 'self' hl-managedservices.informz.net https://securepubads.g.doubleclick.net/pagead/ppub_config https://pagead2.googlesyndication.com/getconfig/sodar https://securepubads.g.doubleclick.net/gampad/ads https://securepubads.g.doubleclick.net/pcs/view https://pagead2.googlesyndication.com/pcs/activeview; frame-ancestors https://*.connectedcommunity.org/ 'self'; object-src 'none'; manifest-src 'self';
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 18:09:46 GMT
location: /HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e
p3p: CP="IDC DSP COR CUR ADMo OUR IND PHY ONL COM STA"
server
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request login.aspx Show response
ebiz.payroll.org/ebusiness/
Redirect Chain

https://ebiz.payroll.org/ebusiness/SAML/SSOService.aspx?saml=2&url=https%3a%2f%2fcommunity.payroll.org%2fhigherlogic%2fsecurity%2fsaml%2flocalassertionconsumerservice.aspx&relaystate=fda030dc-b3cb-...
https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

92 KB
17 KB

179ms
179ms

Document
text/html

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f4a2b83588437dc69085797e0e0a20c893a318c737a94abad9c6ed59116ae6b

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://community.payroll.org
Referer: https://community.payroll.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c22b25f1bed362a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 18:09:47 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv954bWDKhv9ymMjGhy4a7vdCb9IQtW5xP0DXQrQ%2FESr4CJTkbZyrvUv8s1pDR55fexux0ef6K4d%2FymHMVOTjlrK%2Fv7jsvSM6UNwv7YV1qXmeS%2BzkooDwj6zHxwc6NbH6ZKv47nbJLuRH3lAJ1Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=11

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7c22b25d4929362a-FRA
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 18:09:47 GMT
location: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FfoFSzIG%2BSQEY63XVEYL%2FQB0UKCOxI8p527Rf70ooQ3XJTVt2Mb%2FLIxtjsIZ0fiUUvatpEww1j5la244nK4IRzYn6mugETLfAUwJAN7%2BvOxJECDiwKvdpvj64%2BzGYF5xTcNAoHNk3XZkgSFNIg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=11

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.4/css/ 170 KB
32 KB 240ms
54ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22

Request headers

Referer: https://ebiz.payroll.org/
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: A0TJK6TKM3EJVMGP
age: 106612
x-amz-id-2: 5/9PR9UCr9RetfQ2w3DFJiqKky0h1qi6guknMymwsadoGKFFkbJThhlboroXYGmWGRA6SthSJgQ=
last-modified: Wed, 04 Aug 2021 20:57:37 GMT
server: cloudflare
etag: W/"21f9f9f41222c9f2acec907529ea35a1"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c22b2618d7abb77-FRA

GET
H2

200

hawksearch-init.js Show response
www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/
Redirect Chain

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon

652 B
638 B

32ms
20ms

Script
application/javascript

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4280ce3ec1c7e3918272cadcf0cb9bf86e22b1231d0e2d88cc8d565159e948b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 01:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87635
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS7moP8Uq5yFztb6eS4Ne5d1317AWGyX73Aruo4UiRdj4mY6OEGKjTnxhtNosAWdfBOnV2r3GV9WKyuOX%2BOCiOc8qEXs9r8A%2BJZdlBvF2HkG4mZeWD5%2Bis3d%2Favk8%2B7UtqVU8JDJa135flUEwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c22b2619fd7362a-FRA
expires: Wed, 10 May 2023 17:49:11 GMT

Redirect headers

date: Thu, 04 May 2023 18:09:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 426
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx5eYY81R%2BW4Ag5ezsijuE6jCR1amJj9%2FmXlQZWgdzjyU%2BUMBMqUy%2FHtLZBo5RtN91zYAj57b3zehmaJi9TEi9uVaz2A8pRUD1NgCA5EbfevyYKUXMF0ju%2B0ljeUU4Lgpk4FaevoSOiDxGHLLvEgOG%2BQMgae"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-init.js?package=Talon
cache-control: max-age=14400
cf-ray: 7c22b26169dfbbeb-FRA

GET
H2

200

hawksearch.js Show response
www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/
Redirect Chain

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon

417 KB
90 KB

38ms
28ms

Script
application/javascript

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84aad532b77d3e5592e5bd1d9d7231c7df0924612fb8d0c5e4c8401c6bed4249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 01:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99182
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyR6K8CskskuPPArlZ2KUsYcV6Lh3DU%2Btt674Uq8SOFJfnWF6NapeEuWEUnkGhbim8o0CrpgHt9q0rrJ9C9uOFd%2BXciOXfc0tXXQpAUgRxmRBumbQGN%2FM%2Bb0WhwmOemcJBf1VCNGLrmiQz0Exg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c22b2619fd6362a-FRA
expires: Wed, 10 May 2023 14:36:45 GMT

Redirect headers

date: Thu, 04 May 2023 18:09:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 426
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwNV4f2ewc1YPjWsN2cmloW27NLtlWKL48A03aGybwL72u%2Fc05Qxdp9kmCnTlB2BdeE5uY5YyB3RUgC2WhwHEjlPv0eHOmLrc5kzZyfVof6tXJ0ADnBmeDX%2Br2nGABSt1Aehp3jdwfD3hEpx%2F3WoPNLUwf60"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon
cache-control: max-age=14400
cf-ray: 7c22b26169e3bbeb-FRA

GET
H2 200 hawksearch.css
dev.hawksearch.net/sites/apa/includes/ 67 KB
11 KB 323ms
105ms Stylesheet
text/css 52.223.62.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.hawksearch.net/sites/apa/includes/hawksearch.css

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.62.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a55e6c97d227a2720.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

33958b50e6fbd2254b3e5f6fb6d3c9bf48cfa27d5b4eb6812bc643ca522ae3d9

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 06:47:23 GMT
server: Microsoft-IIS/10.0
etag: "804f7777c45dd71:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 11261
x-xss-protection: 1; mode=block

GET
H2 200 main.min.css
ebiz.payroll.org/ebusiness/stylesheets/ 141 KB
25 KB 37ms
30ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/stylesheets/main.min.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0444d0b16c5943ccfeb8a6cf3e14f6e1ec59dc0a252de39cc139b6298342d58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"848921a5287dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSxquYFVtLi2fBPcjkr6c4LmXeT6hWIqqtrSMHQr0%2Bwyv8tvVOzzCetkQihhyWzhIsVMI3QNHSoDb7Ilj314zVWyAs0TbdC3w7UgWUsROeX8JKt4dhC3fWhNFH3W4RfGQ6JbMz%2FS6B7qkRhIrbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7c22b2604ddb362a-FRA
x-ua-compatible: IE=11

GET
H2 200 css
fonts.googleapis.com/ 3 KB
524 B 202ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29079d4c81c9f216e7c9942ec97b35afc8b0c0240367f32f83ef294a0e349665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 16:12:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 18:09:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
844 B 201ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87b5454ea8bbb07c83c94bb74b404ccd7a8416cff064ac0c48b5f1dc5f5d1b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 16:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 18:09:47 GMT

GET
H2 200 Current.css
ebiz.payroll.org/ebusiness/App_Master/ 66 KB
13 KB 31ms
25ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/App_Master/Current.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 336ed2a1104c8cc7eebcab43d7aa5d13bae8e73f4156e7622639e3d8c6cfeda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"4a8b9a5287dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzi86%2FTzfrqH%2BtvSFxcvGsxLPpDHni6RTpsyi6bAFVRXEQM3PegEBsMOKXc0QciW7NLntG9gFdEFq%2FjdYd45VUlyRVRg%2BIzDpi77u8FZH2HFElwpNK47vbFIF01Df%2BPxOmz%2BPzij0HgPm0bdLyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7c22b2604dde362a-FRA
x-ua-compatible: IE=11

GET
H2 200 NewSiteLook.css
ebiz.payroll.org/ebusiness/App_Master/ 5 KB
2 KB 24ms
20ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/App_Master/NewSiteLook.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7b59d285c6d180e7d8c015582fd1c1a0fa5d2d0cdd576273a95354337488b8f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"c9edba5287dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usmsB4wMUdQiO8ltppvrqvCHLsm5dogIIMX3TQD6b925%2BvXKQIxH%2FPPJC3ctxog4Tbv4t%2FLab4oa7m%2BwglPMpJw8000vkWRjF8UJluSLGiiy3ZlvBj5UDRvRYJCFxbPbfhZXVeYnwGsP2%2BIodiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7c22b2604ddf362a-FRA
x-ua-compatible: IE=11

GET

404.aspx
www.payroll.org/assets/errorpages/
Redirect Chain

https://www.americanpayroll.org/ScriptResource.axd?d=QALQaLaHh3ndlNJTMY4m2ZeANOhKu5Zsc_RrFXC8_3HfCZbh3mkcPmPJXuev30ecOSmbwMyWVw9mFNx5huPxzBwD2ZKt2gG8JEDBygmhx2QKX7ODhOp_Nlu0PtkgyaY5yEivQ3un1KaGnZZF...
https://www.payroll.org/ScriptResource.axd?d=QALQaLaHh3ndlNJTMY4m2ZeANOhKu5Zsc_RrFXC8_3HfCZbh3mkcPmPJXuev30ecOSmbwMyWVw9mFNx5huPxzBwD2ZKt2gG8JEDBygmhx2QKX7ODhOp_Nlu0PtkgyaY5yEivQ3un1KaGnZZF8FayXRa0...
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/ScriptResource.axd
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

0
0

GET

404.aspx
www.payroll.org/assets/errorpages/
Redirect Chain

https://www.americanpayroll.org/ScriptResource.axd?d=YjL_qd4_7_rUU-y2Y9B2SvMq5GdRQYwZ05lSKo9M5FVtsIegpP4fzCs-6FswJr3F-icGyUYQEazDTGtATpMVtrh26OKsX2mqpXoPVFPukJHA9PAI5kdv5nznhxMUQ2qcfpc59eNX4GkO8X6b...
https://www.payroll.org/ScriptResource.axd?d=YjL_qd4_7_rUU-y2Y9B2SvMq5GdRQYwZ05lSKo9M5FVtsIegpP4fzCs-6FswJr3F-icGyUYQEazDTGtATpMVtrh26OKsX2mqpXoPVFPukJHA9PAI5kdv5nznhxMUQ2qcfpc59eNX4GkO8X6bGBmfZIHz...
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/ScriptResource.axd
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx
https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

0
0

GET
H2 200 login.css
ebiz.payroll.org/ebusiness/Stylesheets/ 1 KB
828 B 23ms
19ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/Stylesheets/login.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 35f173a99a075ce16b7ae4cdb7449771963f55425e45cbaf910dc17d7751e5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"848921a5287dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYAZQ2qFTyeG6we7a6V4n3N07KnX%2FpwT4jSM1B%2FALUVx3RAMnFlBOktmtLST92kt5W%2Fbrs2RrWAmUL7n5KAHXtMpAXhwZcfKKhs%2BcRthyvlEuK2ObrCeEQ5dSUo%2FN%2BsJLuONAyySUP5I6dizjiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7c22b2604de0362a-FRA
x-ua-compatible: IE=11

GET
H2 200 tachyons.min.css
ebiz.payroll.org/ebusiness/Stylesheets/vendors/ 119 KB
14 KB 38ms
34ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/Stylesheets/vendors/tachyons.min.css
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a48fcd71c28debc9783fb10cbdad94f8406a39346fbfb9d0456d7fbaea750249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"0a7baa4287dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIArn8WHotCcu8h9agK4WVtjkQRhmwtFCSj2iMTHVv0mFlioYB75V9HM4RzBj0gbwxt%2Fq3qn51iJG4YSudaIki352dri3aWJVQSTYTJYhwPEexqwxh2KjRzfM0v2%2BWrmngYNIXw6k7AKfFhV1G8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7c22b2604de1362a-FRA
x-ua-compatible: IE=11

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.5.0/js/ 1 MB
372 KB 58ms
34ms Script
application/javascript 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/js/all.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17

Request headers

Referer: https://ebiz.payroll.org/
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CQC27D6VZ4X84GCR
age: 45171
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nL3BbokfvlmxU/ICaRI84I5GxX3otpyNYdIBpIGBLs9byvjV4SjHvIlFWh4UnYSFMC5d+SFxb2A=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"02dc00e986773a2294d5ce33ef02e442"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMyx4mdsYIgk7C9Ww0R1670O%2FEDgxI9%2Bah0k%2B1pmC%2BY5Nf%2BZh%2FhgAZht8PFBtw7%2BKFhYk3qdNWhs4DuvBZUxEgDq%2BAvN9ETvzucIX7wack1xcj0o1XvcRZK4i%2Bo0nCqgsSA6SqfkM5tYhZAyv6jERiLq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 7c22b2745e1b996f-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 281ms
90ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

029030f09934b754e92d2412401d6f35e9b208b9a6356da7da679d669066c9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24739
x-xss-protection: 0
server: cafe
etag: 754 / 19481 / m202305010101 / config-hash: 12840004910015491638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 May 2023 18:09:47 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ebiz.payroll.org/ebusiness/Scripts/ 85 KB
31 KB 30ms
26ms Script
application/javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/Scripts/jquery-3.3.1.min.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Aug 2018 17:47:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166517
etag: W/"3486d6da643dd41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdq5JbyCrSUCsm6B%2BiDHFNYaTSVf%2Bi04XmruIYvednhM5uvTM4BJflLuZIk5N9P1JEG5vYE9hF%2BinDpxzpVP%2Fxb%2BG0L%2B1Nc154udUWK6AZUVelte6UrwvXNCsRfXYsGtdWo7qnTursoppEYfSOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7c22b2604de6362a-FRA
x-ua-compatible: IE=11

GET
H2 200 Telerik.Web.UI.WebResource.axd
ebiz.payroll.org/ebusiness/ 137 KB
21 KB 120ms
117ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nKOeAxDjHA529-jU45gnm1WjLe36widLRd7vTZGLNo60Ryhw_yFIt6fPDmN5zeV3F_84fHSpAheo_c7T9nMSMjtAK5VP0&t=638065771056067895&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d13.3.7624.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3a25a51fbf-f6a5-4323-963e-0105852ff6eb%3a7a90d6a%3ad271177c%3adff30785
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 852e961aed7d4ae98b596b3f06e2b017039aa0cb83e054f6efa6eed3b53e4c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Fri, 03 May 2024 18:00:45 GMT
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 19 Jan 2021 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: HTTP_USER_AGENT,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBfy6Y7IVkii%2BiwDfk479bGhiuDzvexo53iw0nMKqG7KciKTUvC9%2Fqz1KpPt3K%2F5dhgi6eeipNnQwqtGs9k%2B%2F8VNgY2E%2FINTzHKven0jAOsWL27Y9Kp7edENUAJWhirLvh1lUaMvxtBknw%2BtUqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31535457
cf-ray: 7c22b2604de3362a-FRA
x-ua-compatible: IE=11

GET
H2 200 layout_transformations.css
ebiz.payroll.org/ebusiness/Sitefinity/Public/ResponsiveDesign/ 47 KB
3 KB 24ms
21ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/Sitefinity/Public/ResponsiveDesign/layout_transformations.css?pageDataId=112c3849-b781-60ed-9ead-ff0000bbe4eb&pageSiteNode=102C3849-B781-60ED-9EAD-FF0000BBE4EB/416acd56-d9fa-47a0-9074-6d42c7df1c0e/SitefinitySiteMap
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ed1ff4a354736f0a0ebc803e5295d7613bb98e6222ba5c09db00c1c01181bad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 471
x-powered-by: ASP.NET
x-ua-compatible: IE=11
last-modified: Thu, 04 May 2023 18:01:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvctovPMUdltR9Wkh1MnATpFB7rEQEesiYvQUgidWj2sgacZ0GE%2F%2BcR1leDeJVLekmvKuP0NMZXlineCWZefLcx66mimT%2F1yTQ3SY7f009o0oXzMoUmTA%2BgZeF8h6YDwQ4vEpqSdcxYCp0LrRmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c22b2604de5362a-FRA
expires: Thu, 04 May 2023 19:01:56 GMT

GET
H2 200 WebResource.axd Show response
ebiz.payroll.org/ebusiness/ 23 KB
5 KB 115ms
112ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZJ8Y4yMZfh9DSEFaUmzbPUEmFSqZC12hxEOhsPu21miiQJ0gKQ2&t=637814437746327080
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Fri, 03 May 2024 13:03:12 GMT
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 26 Feb 2022 15:42:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbJQuSg0fcex%2Fy58%2B5GdIutIVCaHusIsxl5AvPdZtF7r31ZrXzgtkiEDO9Y6XZMLu29Mhl%2FFaiS7W%2FB%2BnVOVqF7%2BsDvRiEO6ba1mZWdGzobVnBPJJwffNYAMfNdmwRC3TriaMspdeVBL3Ez3u8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 7c22b2604de7362a-FRA
x-ua-compatible: IE=11

GET
H2 200 ScriptResource.axd Show response
ebiz.payroll.org/ebusiness/ 100 KB
26 KB 127ms
123ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvioqTPKSoP5OkQV9QymC2u1dDGjozgCRyKZjdB_MW96CaBIsxWFJWR5leEMLVBD36EVu6d5FzlhYCOIAP6Kbi9N15JI6EoKc7bEBcGiTJ_5Wc2Vk_cb_MUFXnO7x4_zoGlnpPmc1&t=49337fe8
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ua-compatible: IE=11
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 04 May 2023 18:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJv9n7HpijOmcUrZvkjrzrv9ThCiV14I%2FYBYE2CK5VsuTtyC8oqxjgqXXg9G4Q6yBMyfoqMSXGJhGTmNpkHUuzdJRMlz27dVU7vP6yS7N3N07GIWdkS5pqyxOUCtI8bPjqTQqs3rOdpIOaUPNuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 7c22b2604de9362a-FRA
expires: Fri, 03 May 2024 13:03:12 GMT

GET
H2 200 ScriptResource.axd Show response
ebiz.payroll.org/ebusiness/ 39 KB
11 KB 125ms
121ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OIC31KGSkmZK4TkflVws3nStZSoAHsrpDSzK8ldbbNADm2AXkupMRSEY1YPmepZ7d-Wfd8SA4JfQUpvBJH8HVNTXKG4sFLvxTrcyjRUPArSUy1oUyc3rl6mnQD3Mq7sHMUDgLb41&t=49337fe8
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ua-compatible: IE=11
date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 04 May 2023 18:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmGUnYv0qDJMyjUyHJMJtKAKL1qwjgr7hcEXTjdtxZENOfsTq4%2BzpxUy13%2B29skxQYB50vOk6wq%2FCx3cKSsNNG1KkjWAXjdbtn2%2FXLdk9TH2FV8%2BQsImsvGd%2FcbsECXi5BLBOR51wgBo4MWDjv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 7c22b2606df9362a-FRA
expires: Fri, 03 May 2024 13:03:12 GMT

GET
H2 200 PayrollOrg-Logo-NoTag.png
ebiz.payroll.org/ebusiness/images/ 6 KB
7 KB 79ms
77ms Image
image/png 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebiz.payroll.org/ebusiness/images/PayrollOrg-Logo-NoTag.png
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13bb93325b17fc89cdc669e5da0109da8fd7a82b5c00b31fb549643ac9e7a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166504
x-powered-by: ASP.NET
content-length: 6547
x-ua-compatible: IE=11
last-modified: Tue, 02 May 2023 19:02:30 GMT
server: cloudflare
etag: "d31413a5287dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtmtHNEanN4XssB75gILUkrKplR8moDp%2B%2BWfMkkh0N92GaBaX05py8fojjNUtvHJxTLPPSq5QcV5by5cgXKSjof%2FitszDcF5ihg8xXlLz9hunq9qxGiHUANvhCUxZaPoOUE7TvM1%2FjGys%2FIHlfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c22b2743ba2362a-FRA

GET
H2 200 77b349d1-25d1-4d9a-9c4b-7dcb46b388f7.png
no-cache.hubspot.com/cta/default/516067/ 36 KB
37 KB 185ms
153ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/516067/77b349d1-25d1-4d9a-9c4b-7dcb46b388f7.png

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edec6071a233a39b369c2cc2645c65baafdb80da5fe2b7718a75cb51bdca7705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: OLHw0elCm4ClEzVOJ5mBsBOMyZM9N22i
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W6M0S5KT7NMKDM5C
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36783
x-amz-id-2: 8jPl3bkrmfHt7xi6YL9LqDrqOUKoyArqNHKCD15xI+j+Fxd1UF4Wr9C7EOLd+C1OIPRzW17UBIE=
last-modified: Mon, 03 Apr 2023 16:50:47 GMT
server: cloudflare
etag: "ceba6223affdfde442f1a01a3f1d9e5f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLfHRZAuCjCBOqXwnK3V88dOy26pvzCbrdNpflrjSR6v59%2F2pnJJCpo17snqLR8RUDp4aCFfS%2F8tTvfmVIuboJ%2BspZxDXoq0%2FPjJPbzG7X1QZrOLbbDMsJUGqWV3P6D8cHA6xFWLNhfZvWTJQLV8bOoM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7c22b27468702bf5-FRA

GET
H2 200 f4dae295-7514-4a75-bbe1-e651f9653545.png
no-cache.hubspot.com/cta/default/516067/ 52 KB
52 KB 197ms
165ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/516067/f4dae295-7514-4a75-bbe1-e651f9653545.png

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa9f4ee16848b238554191165a38f42d00f5efee8f247dc6eaef8515fece117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: ccMxX.oTnaEz2rVGvR3Hnaa4MjBlVDse
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W6M6ND2YQASW9R80
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52800
x-amz-id-2: WfOJMEXeaiDU3s5NwPlAzD5wv5aA7wKmKCKZQEjJQLinkgj8wHG7ZS4vBYP3dhGbGXgem1oRF+o=
last-modified: Tue, 02 May 2023 21:55:01 GMT
server: cloudflare
etag: "af98cbbb7c77378a75d9365acd57d7ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePF6bWBjULE0pFZ62twz1qNYHr4QmMrvhqekohOsETt94W%2BMMhVwQ9M5lgsVwYbFvjQyAMAqaFMD0KcwGxF8huAspA4drrRHeyE4IzqBM4tgGjFzcmNeIntfPUJ4nWrkts9uaQOD2ppRHStSIDG30JwI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7c22b27468732bf5-FRA

GET
H2 200 caa08eff-a7cd-41da-a22d-03989a05e86c.png
no-cache.hubspot.com/cta/default/516067/ 36 KB
37 KB 185ms
154ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/516067/caa08eff-a7cd-41da-a22d-03989a05e86c.png

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1759bec1d0cf915b2cb392a68d8681d0165bdc47cbec6685e668a603bec333b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: znDExqwkAi693HG4AV892SVB9an7tcRD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W6MAEQPJVWG2KKNT
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37163
x-amz-id-2: JkvUGZgmTR06FFC+AtzNH0Si+Dtq/WgXD0c8MiAXs49DuP8MeAUkd1LCgu6QSbREViPK9+u8VmE=
last-modified: Tue, 02 May 2023 19:53:03 GMT
server: cloudflare
etag: "8425d91f6fce3bd308bb25000df5925c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjKVa7wd5SvvPvJl%2B8Y0wIg2bAOC8Yaa%2ByBaWzPUkZAvf%2FL%2Fg51E7JyTOi%2BTP1YcgrtUsRWPHZqSOZ%2FTsYTnQ8pJHg651eyNkttlsW18ZgsggtLMhYdF6zRs8fRWHNovpb3wo2cuyxoSLJDj%2FFJ6A9b3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7c22b27468762bf5-FRA

GET
H2 200 38c05ffd-6bca-4b9e-ac2b-ff854f9c37fe.png
no-cache.hubspot.com/cta/default/516067/ 61 KB
62 KB 187ms
155ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/516067/38c05ffd-6bca-4b9e-ac2b-ff854f9c37fe.png

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16e3668afb6021e6266a4beb81538bc6a2ad0c0f55b8a37810d1c5509f0c9e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: 23E1Wg3FkSvFz51t_gRTodr3dPEoFwqF
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W6MESK2B839JHMBB
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62336
x-amz-id-2: 7iVy62inyY5or302CxvSy57WrvcvFIyLB1TPFzjOqw7hMvlX0JiheWbopOgDtTRbHl/Qou8IXRw=
last-modified: Tue, 02 May 2023 19:55:14 GMT
server: cloudflare
etag: "dd12e8dd6514a271f9232400e7f868f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WS1KD%2FY86yAtOvJH%2BjaI98eABdZe3TNKir13AjYSXt%2B6JvTD1w501SDio6PfQhg6%2F%2FmpliKCAIWxMYecJ0Tw9WMWFHRwEql4PIv5p6ALrOx0HOgH1O9KGTJptnkPN4TJS%2B2Ex3DkgWVMq4%2BQOhksolsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7c22b27468772bf5-FRA

GET
H2 200 a923c94a-43b1-41c2-933c-8029e7918c3d.png
no-cache.hubspot.com/cta/default/516067/ 41 KB
42 KB 178ms
147ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/516067/a923c94a-43b1-41c2-933c-8029e7918c3d.png

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e154a3173e3bc65fa9656ab84cf9f906480c795062a54a2b9d31866fbf1addaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: sQTBT3hxip3u0Zhte_jV9NMdJwCaxsnM
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W6M9XCN97Q8KY4B2
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42010
x-amz-id-2: nwHX5mmjOTQGyQCp3GlUEedHrXIPwVNqfXjp0q150HcrV4rVw1ZuxfLWj/WlE3LRzqm0wn0J4eg=
last-modified: Wed, 01 Mar 2023 15:10:38 GMT
server: cloudflare
etag: "2eaff3c0dc5c9ae3a52bdd21a0bd76ee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FoSyAQ4NuH42L1PezbHm5cTcEKy5LHX0P8QXeQUqbRxoY8OlqlTVUnlkfs0QQNwLAFtqn%2FN6zHl21CsrQsqVXi%2FntweUyJLIoNcJp8KVJEOMwsAZJg29j%2BFxuvlqL4YrVcalMxaC0CZPMFErbAE8mpY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7c22b27468782bf5-FRA

GET
H2 200 american-payroll-association.png
ebiz.payroll.org/ebusiness/Images/ 6 KB
7 KB 16ms
15ms Image
image/png 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebiz.payroll.org/ebusiness/Images/american-payroll-association.png
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13bb93325b17fc89cdc669e5da0109da8fd7a82b5c00b31fb549643ac9e7a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166504
x-powered-by: ASP.NET
content-length: 6547
x-ua-compatible: IE=11
last-modified: Tue, 02 May 2023 19:02:30 GMT
server: cloudflare
etag: "c9edba5287dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuFm2k6YvmPThRkFX80ENN5ZwM90aQTnWp74wCzMFa%2BiPWQ23PB%2BtQCmKcLNLNe7w%2F3t9JjlyC2AfjjEyMO1yqfdXyBJH%2FvfjbBLNM8er5xj2mZuG9vyQpxSQSydJv58llztapJ0jxSae1mylX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c22b2743ba3362a-FRA

GET
H2 200 plugins.js Show response
ebiz.payroll.org/ebusiness/include/americaneagle/ 104 KB
21 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/include/americaneagle/plugins.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2131e467dbbf7f6b8852787083b99fbeaa8e2ae80ff871a15fd74a4034677e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 19:03:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166506
etag: W/"90415811039d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7%2FiR3n6d4jkXq2WxbQ5EbW7ivNlDyuqrNt6Fh6pr1cmnjF8tOBLSfJsNVm4LMX%2Fm96XA8Bho7sX%2BnEPPAAXj7a8MgfJrsHRhKZxEmjiJaKLQgpx6uX%2FC8Ec4n4qO1bGQHOd1Gvt3yuoctOHmFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7c22b2736aa5362a-FRA
x-ua-compatible: IE=11

GET
H2 200 functions.js Show response
ebiz.payroll.org/ebusiness/include/americaneagle/ 4 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/include/americaneagle/functions.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 124d4aacce1e9942dab056e0c149874a885e70d853b30bc43540c5ad8fcc3ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 May 2020 22:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166506
etag: W/"e2a498f672dd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FANSNfc8BnKq%2BMDVdMTtirblOMOoy%2F6%2FyKUIKKtsJS%2BjnL1AfOOcdm3fmM6kL3h5J5y7QsoS5uaaQD%2Bjo%2BdpXAS6Pe00ooduIi8VGNIQdxAX9e9i9cNsrSExAh6J9DmVlBWcY%2FgLvnI2xWQehaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7c22b2738acf362a-FRA
x-ua-compatible: IE=11

GET
H2 200 nav.js Show response
ebiz.payroll.org/ebusiness/scripts/ 212 B
455 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ebiz.payroll.org/ebusiness/scripts/nav.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4dcc0d30fb102fa88aaba5e9186ed945395fdc2d9bd307c557c9fd4426e3c6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 17:39:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166505
etag: W/"ab103ecc632bd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZAWX5goNk4PUTMNRxpKjynnSXx%2BdGGFaDqRE4ssDQBqMwSSzTKxqwKjq8AEoZmeWCaaQuaUeA7Sh5dloohhYGxL%2Fi32jBuEZa9O8Kpz9iy%2F8DhUjv7FKOhucpGxI2eHtKP5BL6fvJduRnmJmc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7c22b273aaf0362a-FRA
x-ua-compatible: IE=11

GET
H2

200

all.min.js Show response
www.payroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/
Redirect Chain

https://www.americanpayroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon
https://www.payroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon

81 KB
23 KB

17ms
17ms

Script
application/javascript

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7918fea01e240c395d204c350ec88c62506c2b8b1f7130613adbb5e357622f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 01:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99222
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwccQzuhBWhDzyq7ZNhr%2BVHE2HBC7zj0ViwojfcC18HLhwSPs3mbLzdAciPD8yw70WjHus27PEV5nBgPK4en%2F8Hru%2B%2FX%2FyQBijRDAbxzKkFlRYHhe9s44plTUbqPmZpFmJ6%2FguNyuXRfAzOXqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c22b273db29362a-FRA
expires: Wed, 10 May 2023 14:36:07 GMT

Redirect headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 425
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ehdZwhymkHQlipCqs0gzCV7cloWjLWmVzCqmRj%2B6BiiyGDq2M%2BGVTLqKckGP2RsOZU6m6bOQvNIcBIKQDjlvDI5Pvh50lXpG8VfEd2MjVDohcfI3M5W%2FPIyiD9D8rdLngYS79QINclRypHqqor9Wz5R8K21"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.payroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon
cache-control: max-age=14400
cf-ray: 7c22b273bde3bbeb-FRA

GET
H2 200 516067.js Show response
js.hs-scripts.com/ 2 KB
1 KB 422ms
397ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/516067.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebebd0aa188f127a3934f4833f58c3421829974c366518cb90c5767faad8962a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 2c5e7f5c-4ecb-4ec0-a4da-cb6398f99743
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca576a54-9d99-47bd-afa2-3c1188a8cb78
last-modified: Thu, 04 May 2023 18:00:48 GMT
server: cloudflare
x-trace: 2B1E9C6E02C6F914C3C29F92B3810BAE9308AF73C0000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://ebiz.payroll.org
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5677b5b686-scc7c
cf-ray: 7c22b2745b51366d-FRA
expires: Thu, 04 May 2023 18:10:51 GMT

GET
H2

200

hawksearch-autosuggest.js Show response
www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/
Redirect Chain

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon

426 B
513 B

18ms
18ms

Script
application/javascript

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b09f11caf0c2c7f8e25425e5f8338f430e90a0a79a998844e64ed8b89a97030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 01:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99177
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM6LjTNBYPMuZuzWHOtQSYs5HdRGl2%2BuI23Skrfn8cNVFuMzrnfZOIV3668sz0500Erh8xMKU8Pxg026MeiQe63%2F6wQ6ixwCR%2B8FbUwXohvXeh72d9OPhTa3JnLtPVtg7a1YhayXMdIRlfyRCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c22b2743ba4362a-FRA
expires: Wed, 10 May 2023 14:36:53 GMT

Redirect headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 425
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p70%2F8oxJRGVzB2Bv0pw6sfJH7Vh2Wf8K80cNqRziuXlmTLKBYfI1QxAyIYnBt%2BF5jqsiJPjKVprJR2Ts7m9L9m6mEVCea3EIsx%2FcuBABQ14Uor%2BX06kav3hy1BDL5oJDr9zKbuJnJ3paisnLSFNIxM%2FAFDta"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch-autosuggest.js?package=Talon
cache-control: max-age=14400
cf-ray: 7c22b273fe35bbeb-FRA

GET
H2

200

hawksearchbox.js Show response
www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/
Redirect Chain

https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon
https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon

2 KB
998 B

22ms
22ms

Script
application/javascript

2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c22ba3143f11e2f5eb5a277e037c9ea002cf5c84124a05d254a9ae8f3eb6b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 01:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87626
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFe%2BXvYnLrdUGDwJWyns56UQrs43hDmGWVpFWgUK4RKbzFDK%2Fr%2BhaiX8kFSZHWNdmouyo9%2B2DxZi2NkLE3HJwGQNZGhFcXmgOJ8nfF2H1KSYwMgBngo8P4s2Q9%2BL%2BDK2kDM%2FZW5EGxjBZOvNnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c22b2743bb6362a-FRA
expires: Wed, 10 May 2023 17:49:24 GMT

Redirect headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 425
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVjTBet1tltpXcZ0gmrn12PbW6KUJcf9RMRB%2BGqAZzfEC08rGC7jQROTD24Dcx33FdAxnJ%2B6eWM8ViBACHCAMfBzirpR5dhQgysL8%2FsowNCncvdz613j2g2achwVbz5osV26SAwZJSGzlvwaXWgZDd9qRFYU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.payroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearchbox.js?package=Talon
cache-control: max-age=14400
cf-ray: 7c22b273fe36bbeb-FRA

GET
H2 200 current.js Show response
js.hscta.net/cta/ 16 KB
7 KB 48ms
16ms Script
application/javascript 2606:4700::6812:a9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384ebb3a6b18fba46505d1421ff20bcd924b64606de2641eec22ed8bc41bf0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
x-amz-version-id: uhL6dnppSo8KeomrebPU9hB2_.Cn105d
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 224
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.167/bundles/current.js&cfRay=7c22acfabc1f3667-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 418e56fa-1918-4439-9a96-3ab06cf23a5b
last-modified: Wed, 26 Apr 2023 03:31:59 UTC
server: cloudflare
etag: W/"5c558aa2f7c9b2022b11cf9710ccaf47"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-vnl6w
cf-ray: 7c22b2746e9d3625-FRA
x-amz-cf-id: k8aRcxvFPb63k8gXfR6ERCY6CvCXGR0YCT6vrUGGa3k-2xV2645X0A==
x-hs-target-asset: cta-embed-js/static-1.167/bundles/current.js

GET
H2 200 style.css
dev.hawksearch.net/sites/shared/icons/ 4 KB
2 KB 102ms
101ms Stylesheet
text/css 52.223.62.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.hawksearch.net/sites/shared/icons/style.css

Requested by

Host: dev.hawksearch.net
URL: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.62.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a55e6c97d227a2720.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

0e2bebab63664782658f77dd7d372b6296c64446afbcb41d09db2976674e8bfd

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2016 01:57:15 GMT
server: Microsoft-IIS/10.0
etag: "80cfad44e333d21:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1977
x-xss-protection: 1; mode=block

GET
H2 200 hawk-recommender-common.css
dev.hawksearch.net/sites/shared/ 3 KB
971 B 101ms
100ms Stylesheet
text/css 52.223.62.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.hawksearch.net/sites/shared/hawk-recommender-common.css

Requested by

Host: dev.hawksearch.net
URL: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.62.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a55e6c97d227a2720.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3ce2cf958ae2f6a8fb76566e251ec76e9a28c41fd0add9c2d93af2be9d9603ea

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 06:47:29 GMT
server: Microsoft-IIS/10.0
etag: "80d6a7bc45dd71:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 684
x-xss-protection: 1; mode=block

GET
H2 200 hawksearch_plugins.css
dev.hawksearch.net/sites/apa/includes/ 40 KB
7 KB 102ms
102ms Stylesheet
text/css 52.223.62.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.hawksearch.net/sites/apa/includes/hawksearch_plugins.css

Requested by

Host: dev.hawksearch.net
URL: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.62.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a55e6c97d227a2720.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

07f2b41e869083db0340c2eb83f477877ce2832adc53cb4bd6a371b0e52615c2

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dev.hawksearch.net/sites/apa/includes/hawksearch.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2017 02:20:02 GMT
server: Microsoft-IIS/10.0
etag: "035fb1f6ab2d21:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 6673
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.americanpayroll.org
URL: https://www.americanpayroll.org/Frontend-Assembly/HawkSearchWidgets/Mvc/Scripts/hawksearch.js?package=Talon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:02:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/ 401 KB
124 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebiz.payroll.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 04 May 2023 14:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14083
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126853
x-xss-protection: 0
server: cafe
etag: 4617370205818610952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 03 May 2024 14:15:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
66 B 59ms
42ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ebiz.payroll.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ec58b711fc918f7b30d43d1c43261c9b2ebdd7f780d41867d83a93b122914b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Thu, 04 May 2023 18:09:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 May 2023 16:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5646
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 04 May 2023 18:35:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
70 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LN4Z6X

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5eaca89cc1129c4642268c18d215a70e2ae522438c7bc15ef822d8a024ee5086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71194
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 May 2023 18:09:50 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 05:52:39 GMT
x-content-type-options: nosniff
age: 476231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 05:52:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 59ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ebiz.payroll.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 49ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ebiz.payroll.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
22 KB 59ms
58ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2950210110011513&correlator=1064569327074676&eid=31074171%2C31074302%2C31074298&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=143769951%2C12345678910&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x150&ifi=1&adks=2283139738&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1683223790804&lmt=1683223790&dlt=1683223787553&idt=3167&adxs=155&adys=391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&ref=https%3A%2F%2Fcommunity.payroll.org%2F&frm=20&vis=1&psz=1290x0&msz=1290x0&fws=4&ohw=1600&ga_vid=585666810.1683223791&ga_sid=1683223791&ga_hid=120588817&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8acfd144e957e03e6d06c3bfd489b4d2e4c78d972ad175128d733b0e3feeafde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22277
x-xss-protection: 0
google-lineitem-id: 5673581916
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347242298
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ebiz.payroll.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B2C 6 KB
3 KB 81ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebiz.payroll.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 18:09:50 GMT
expires: Fri, 03 May 2024 18:09:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.15.4/webfonts/ 134 KB
134 KB 21ms
20ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
cf-cache-status: HIT
x-amz-request-id: DAYW686QZKM2RFD2
age: 106600
content-length: 137104
x-amz-id-2: XScKHZeZS9rQrRR34TFdyxT/zMULowVxXnr0JjVHaKwYbYc1Kqe1903S2w/no6vtKS+jP1oFIF8=
last-modified: Wed, 04 Aug 2021 20:59:35 GMT
server: cloudflare
etag: "dbf1fc91f1beec2915123257ea4d58ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7c22b274bc8cbb77-FRA

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:28:07 GMT
x-content-type-options: nosniff
age: 175303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 17:28:07 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 111ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.americanpayroll.org
URL: https://www.americanpayroll.org/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52a6863781dfda3be4008ee7758444265ca2df3c4eb30c4223a6cb9edc20fbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24739
x-xss-protection: 0
server: cafe
etag: 812 / 19481 / m202305010101 / config-hash: 12840004910015491638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 May 2023 18:09:50 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 27ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=65845
accept-ranges: bytes
content-length: 4777

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=120588817&t=pageview&_s=1&dl=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&dr=https%3A%2F%2Fcommunity.payroll.org%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1549927732&gjid=1581323788&cid=585666810.1683223791&tid=UA-7957765-4&_gid=7011165.1683223791&_r=1&_slc=1&z=132743581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ebiz.payroll.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ebiz.payroll.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54EC 0
0 106ms
105ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0rlg08xIRpQG_ra4j7lAEaXGE2VEjsuDTroS9W5JsgpqM98B1CllcTpA6IlmrFke9m8nbw9GTVZcVLhbPak3cVOEfBNDbVyCOjIEAlN9ik_fCvg2hlC_btAmte69lOqBDPPE4z66oJ9hEGzu9w-qxK-wfLNAFecolQI2adz6NHtscEzBfYx4ZO1cs0TCUxe1x-z_iE0sLMCaZ53RihrNRkANJt0MPj6ryDmIU_-OFRzP4g0ewqiRul7Blu38CdyfGVJkSeFJ1RneqUp3Y8ZIrveL_hvcPNnDisWpSdCZ5J7bOwXfFS6GxEoTgS6990R56&sai=AMfl-YRu4GODvrmeH0fd1VularRQJ_fdRNaj9RHMJx9UZ_rDB518aXhuHwrkLGhX-fDnZ5U0ZJ8QBuLEkS3BcLpbdx57ZC9FD8e2u5GgamxR3Pe8CQYZJBsAf-GevV-nDK151qUpdGPoojx6j6oFBpvf&sig=Cg0ArKJSzHanjEM8g9QyEAE&uach_m=[UACH]&adurl=

Requested by

Host: community.payroll.org
URL: https://community.payroll.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.payroll.org%2fprofile%3fUserKey%3d61990060-8982-40d5-a942-018681daaf4e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 04 May 2023 18:09:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 54EC 22 KB
9 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 54EC 3 KB
1 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 16:47:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54EC 160 KB
49 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 18:09:50 GMT

GET
H2 200 15906152712716434168
tpc.googlesyndication.com/simgad/ Frame 54EC 132 KB
132 KB 37ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15906152712716434168

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b8695b9564ab0fdfd5d4e9f7d99bddd3c2e5f7278ce13191e544d0e105950c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:17:11 GMT
x-content-type-options: nosniff
age: 3160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134659
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 20:31:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 May 2024 17:17:11 GMT

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 19 KB
4 KB 176ms
167ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&pid=516067&sv=cta-embed-js-static-1.167&utm_referrer=https%3A%2F%2Fcommunity.payroll.org%2F&rdy=1&df=t&pg=a923c94a-43b1-41c2-933c-8029e7918c3d&pg=caa08eff-a7cd-41da-a22d-03989a05e86c&pg=f4dae295-7514-4a75-bbe1-e651f9653545&pg=38c05ffd-6bca-4b9e-ac2b-ff854f9c37fe&pg=77b349d1-25d1-4d9a-9c4b-7dcb46b388f7

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748671875975f99a7bd1398d70cc5d82e3730bf856a037c0222145a04deac64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1ef39385-65e8-4489-a8c1-65c7d91d7238
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1df83d29-860a-4869-a09c-1540425e2e33
server: cloudflare
x-trace: 2B110811EFFDC2EFB197EE31383A04667E3892593A000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ebiz.payroll.org
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-8q9cj
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L34rHoHUBMJlGKp5%2FTlD7pBinw1cRHr6jOyKKSF0jHX%2FDmcamTATuGXJFye1V%2BjdUCITuV%2F1chDwaqybJYx5LZC6Qz5%2BqtBc0a1vv7FYQxA7s%2BaOc4KDk3GNZH1KFHuJNlEiliJc7TFGUEjFzs5Q84cbm54ByTbxhv0%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7c22b275faab2bf5-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-7957765-4&cid=585666810.1683223791&jid=1549927732&gjid=1581323788&_gid=7011165.1683223791&_u=IAhAAEAAAAAAACAAI~&z=1671698882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ebiz.payroll.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 18:09:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ebiz.payroll.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 50ms
8ms Script
text/javascript 2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LN4Z6X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46fb5dc9bc2c62510524ff7d023d1acdd98a693e2c4c6bc6adbe8dce242d5246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: t2odp6E0L3gMv4oaa6APyl80R6IDi46D
Content-Encoding: gzip
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Date: Thu, 04 May 2023 17:46:12 GMT
Age: 1420
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 27 Apr 2023 15:01:40 GMT
Server: AmazonS3
Etag: W/"ad8051d4b1764868cb152a1dc4edad0b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: h7s1JrJs6A4xTcqhd7-wZ1XQGQDVTP78sLsrAIyP1ED6ZqUstNZi9A==

GET
H2 200 hotjar-505541.js Show response
static.hotjar.com/c/ 14 KB
5 KB 67ms
34ms Script
application/javascript 65.9.95.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-505541.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LN4Z6X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-45.prg50.r.cloudfront.net

Software

Resource Hash

12d308443c9758c1a752f19ff120afb9ae270cc276c3ce805e1539f4342f5f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 31
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/2375466364f0cbc7764e5580f8a38c2a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: tLVJ3c5V-StbMem9tliKl24rM0fiBK4dfgLWbUmzECf_YFinzkAgYw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3H3E65SWVW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LN4Z6X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

621df04fd58bc9df70ae2415a85cb5dc7888da5df96d7c89ee109e1a592f75a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 May 2023 18:09:51 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3225460/domain/ebiz.payroll.org/ 36 B
379 B 32ms
9ms XHR
application/json 2600:9000:2127:5c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3225460/domain/ebiz.payroll.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://ebiz.payroll.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 12:57:12 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 18759
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=21467
x-amz-cf-id: YAu3PmRfjmSWjQqDtQeLeKnZF9RLkrl9vuKPcbbkbwjm_pY5BmIgKg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3225460%26time%3D1683223791061%26url%3Dhttps%253A%252F%252Febiz.payroll.org%252Fe...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%...

0
266 B

210ms
181ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&liSync=true&e_ipv6=AQL1jlKxSIyWUQAAAYfn9Mfk6fzY45LM5fzIaUBbMANBQdgLOxSPdVpoBSpi2qBF
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FAB0BC173A7A410493862D1CB16AB76B Ref B: DUS30EDGE0722 Ref C: 2023-05-04T18:09:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX64hQwAsLdRfV4FjRkgQ==

Redirect headers

date: Thu, 04 May 2023 18:09:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 812693712E864BD886A64FF30B3315DB Ref B: DUS30EDGE0411 Ref C: 2023-05-04T18:09:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3225460&time=1683223791061&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&liSync=true&e_ipv6=AQL1jlKxSIyWUQAAAYfn9Mfk6fzY45LM5fzIaUBbMANBQdgLOxSPdVpoBSpi2qBF
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX64hQsuGuXTA+UqwdQxQ==

GET
DATA 200
OK truncated
/ Frame 54EC 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a8a5604133e09ad0090be775f1fb91516da6aae476ac12b034e8712ea9e2814

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3225460/domain/ebiz.payroll.org/ 36 B
378 B 22ms
11ms XHR
application/json 2600:9000:2127:5c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3225460/domain/ebiz.payroll.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://ebiz.payroll.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 12:57:12 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 18759
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=21467
x-amz-cf-id: ClwarHpGByyrHdrt8f-hjMYw6V2i0jQdYSjG77eCjJxVQQzGOYVJtg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54EC 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvdbnKA-U39FP-1RUvYLpjcKZmWT6ejeqYW2hA6abVTGH_JXNw5fA3hlwL9NftHXd4cczE2wbOOUk331xSR5oZKxBARHVb7u6VhxjiJMgTwtAnhHClkxStdvLW9q_eqTF0_1ZStHHvc2wEjf8QIO87qWIOe3KmWoqiVtdfJjxMezlqexLsoKrOfHl8PRQlfdSa_NNFheudgowB4qO87nq896IJD1PPaYMn809TP915ZUOpBiN7flTde5hpNE4BdII5BnQhIreKk3BBw2sRD6KR5mdlwIlc-qg99TRiUuNT11zfLsUhfEgPD-c-jwp7LDN0WLA&sai=AMfl-YRNVc-aWvAvMGMApLV0kcpDe2TZfxVzhDMv_IcojiTkUejXIqCieyyLdDM4l2JpnWFneyLZWGQHUFlAcEp89N874eueP2Ji41zS4b3g5x6dhLVOi92VuLVR7p30-lBx8E5PPC9TbF1OT5-Ys_dg&sig=Cg0ArKJSzFaQmCtBuKtWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 04 May 2023 18:09:51 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 67ms
44ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-7957765-4&cid=585666810.1683223791&jid=1549927732&_u=IAhAAEAAAAAAACAAI~&z=1570661056

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 73ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-7957765-4&cid=585666810.1683223791&jid=1549927732&_u=IAhAAEAAAAAAACAAI~&z=1570661056

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/OBOESQZEFVBTXLEGXYYAEP/ 38 B
795 B 10ms
10ms Script
application/javascript 2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/OBOESQZEFVBTXLEGXYYAEP/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: tWUJqJLr4cdm10N9nY9YHDNksuZMK5i1
Date: Thu, 04 May 2023 07:43:17 GMT
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Age: 37594
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38
Last-Modified: Tue, 21 Mar 2023 16:35:19 GMT
Server: AmazonS3
Etag: "f5a64db38c4218cefe3f9d7531faf9a1"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gdUqjzy8CJ41Shu-R9mFFgQE7k69zdBPZQqaZmjGmqt6Rt22AMfpfw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/OBOESQZEFVBTXLEGXYYAEP/KGMO6US5ZRGVTOLE5XFT2G/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

10ms
10ms

Script
application/javascript

2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: HTTP/1.1
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 04 May 2023 14:40:21 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 12570
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ix9t5r3tHTOSY0mHYhHjtyC2DgO420Av3SW1Dt95GI-ICZYmX6EljQ==

Redirect headers

Date: Thu, 04 May 2023 12:25:38 GMT
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Age: 20653
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZbAsSTtXzxufHSghyUnjo3Pj7bfemAamuweKa7L1pMWD0ijFuktBuw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/OBOESQZEFVBTXLEGXYYAEP/KGMO6US5ZRGVTOLE5XFT2G/ 4 KB
3 KB 24ms
9ms Script
text/javascript 2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/OBOESQZEFVBTXLEGXYYAEP/KGMO6US5ZRGVTOLE5XFT2G/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: gfd0Ra9iD70ACRvt061a_sR.e8zM_zYM
Content-Encoding: gzip
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date: Thu, 04 May 2023 18:07:10 GMT
Age: 359
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 12:22:03 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 127cZURvA8gT8gowaWa2bvelWHtmfjEHZklbzGCnz_sskBbzRk8GUg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 41ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3H3E65SWVW&gtm=45je3510&_p=120588817&cid=585666810.1683223791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683223791&sct=1&seg=0&dl=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&dr=https%3A%2F%2Fcommunity.payroll.org%2F&dt=Login&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3H3E65SWVW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ebiz.payroll.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.b440b8b3971e5ec6056f.js Show response
script.hotjar.com/ 264 KB
68 KB 32ms
8ms Script
application/javascript 65.9.95.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b440b8b3971e5ec6056f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-505541.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-91.prg50.r.cloudfront.net

Software

Resource Hash

674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 117644
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69234
last-modified: Wed, 03 May 2023 09:28:55 GMT
etag: "4d60597d3bb7082d16c50293546f6f66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: PGtmIEV7d3A4Ip00qIc6l79SsEHjxZs_9qmmO03iyOuroITFN8Ng5A==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 55ms
24ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/516067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-amz-version-id: .SjrrXgKPXt.4Z9u7JrAeq5b0ko7RK6Q
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 89
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.360/bundles/pixels-release.js&cfRay=7c22b04aafc32bf6-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 641774c6-9f59-4479-a84b-507aa8d4b56d
last-modified: Mon, 17 Apr 2023 03:30:21 UTC
server: cloudflare
etag: W/"1ecc18fb1c2090998fc7361c029fa6a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-xk27s
cf-ray: 7c22b2770fac2bcd-FRA
x-amz-cf-id: YJcmKY4icdXH0HGtAmdAasNmjMjylf4RrvyLX1jB-xPMYaxGkyUcaw==
x-hs-target-asset: adsscriptloaderstatic/static-1.360/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 66ms
35ms Script
application/javascript 2606:4700::6811:836e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/516067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:836e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253

Request headers

Referer: https://ebiz.payroll.org/
Origin: https://ebiz.payroll.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-encoding: br
age: 380
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js&cfRay=7c22a92e9a771c73-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"0bee9cd87f137fe7aec90112cb8b0376"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js
date: Thu, 04 May 2023 18:09:51 GMT
x-amz-version-id: RmhmaytfCYjkF4kIWncNidw0.aX_4QVo
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-request-id: cb276bda-4d28-443d-ba51-0c619bdec08f
last-modified: Mon, 03 Apr 2023 03:50:40 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-jqgs7
cf-ray: 7c22b2770f0d1c42-FRA
x-amz-cf-id: gNA1dW_wz4fC33oAzU0N-ImB8omqMKzEzSR17Kw6eMnfARs0QGvYsw==

GET
H2 200 516067.js Show response
js.hs-analytics.net/analytics/1683223500000/ 65 KB
21 KB 192ms
167ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1683223500000/516067.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/516067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997865743b8d70ad1b8df6c9e2321b44bb4e58c02eab370967289833b6fbd536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: H83YQWPWCDHYN35H
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 31
x-amz-id-2: EQEkEe6bh5Rxor4/hIvXDhZjMfu1zWjEQuQBtdsCLYJup5gm7sD3P4I2p0r2adNZFyJ0+Cu+dZU=
x-evy-trace-listener: listener_https
x-request-id: 0a70bc93-9dd6-412f-a5cd-cf36e87db096
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 13:55:24 GMT
server: cloudflare
etag: W/"7d71c02617afdd2ff8da567081867eb0"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-vxsnr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7c22b276fb2b03c4-FRA
expires: Thu, 04 May 2023 18:14:51 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/516067/ 208 KB
64 KB 55ms
25ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/516067/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/516067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a53f756c8d7eb55e20434146580cfe3eb3eb23a38c9ac992ba3163a6f018951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
x-amz-version-id: Ai.evfNV7k8SLXyVCLvYiwoEPrcBUUSs
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: C7NW5T7ZB8Y11QBA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 31
x-envoy-upstream-service-time: 59
x-amz-id-2: 6ADyHdHYPMrg3b4v4yzhY4InG8Lnl7VocU2RytmpkGN0WJZKRlVKI3Emp63+WOCTx8Ap26ONnDU=
x-evy-trace-listener: listener_https
x-request-id: 0d894db4-30f8-41e4-8461-707104e4d497
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 14:58:59 GMT
server: cloudflare
etag: W/"4acc86feff9525838f7c196566ac2026"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.gpminstitute.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-76cd9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7c22b2770c0c8fd6-FRA
expires: Thu, 04 May 2023 18:14:20 GMT

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
485 B 135ms
132ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=516067&pg=a923c94a-43b1-41c2-933c-8029e7918c3d&lt=1683223790868&dt=1683223790869&at=1683223791248&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 86eb485f-a326-4d2d-9ebd-24de4aa5a91d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ead9d1e-b3f2-42f4-9476-ca7a3eda5e60
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2B80826B95629DFFCB882BF730EE6C35D45647061E000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqdNc0MUAMWvwOEneC0quG5YjyotNn86z7PxwxVv4Og5dOXmhYcZlbwazkn3q8fUEWL%2FOyw2w2MjIU7bvycTrO0N5UVp0ACsVGFhTD60ZLoNySUx8MFgDRBq1zr3ZSOUr3kpunvgbCyM5S0xKNWZyxtcKbSHMfhqBFs%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-84zxp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 7c22b2775ca82bf5-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
494 B 148ms
146ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=516067&pg=caa08eff-a7cd-41da-a22d-03989a05e86c&lt=1683223790869&dt=1683223790869&at=1683223791249&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9243fd2e-bffc-4b11-b2df-a0cbbb37f92d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2d5db0c6-0d6a-4a1d-b7ca-9aa79f0e1d57
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2BD0D5098841B648E886396A21116F28BC6DBB828D000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ijIVgdgxhTUdYuwypCUBUDmki%2Fs13E8l1VhSwiifOquIWeaQtAkmzqwDiJhEIqnYWlwaFiyxd9bbzbUQHPYbEcX4jTRLE%2FZlvyq0hUj2XCLe7cZqWt9RnLfjy0pImW%2BNAt41vxVu72%2BngNlqI7wbnIRu0g3RN6rzQ8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-nf7pf
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 7c22b2775ca92bf5-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
476 B 138ms
135ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=516067&pg=38c05ffd-6bca-4b9e-ac2b-ff854f9c37fe&lt=1683223790869&dt=1683223790869&at=1683223791249&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c02f928f-1c7b-4e00-9df7-e38c20eb646a
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 49b3c105-be96-4c10-8512-6b2d24cc20df
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2B3A73F4D44E13814CC5C06DB61E4F360AB2026B0F000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85TgOWdrsWqoFsCPHzpBqt5QxiPc1N%2Bb928c%2BM9lOshK0i4gPGM2Mnl45UN1qjehQ8fwleKTwMVkCBLT%2FJ49bQv210MDdqogoFQlP%2BMMNy%2FXmjdY6fLD5E89h1liTG0xecNwyk7mSPuo618m%2FsSY12g3v6HhnTxtd18%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-nwz49
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 7c22b2775cab2bf5-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
597 B 139ms
137ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=516067&pg=77b349d1-25d1-4d9a-9c4b-7dcb46b388f7&lt=1683223790869&dt=1683223790869&at=1683223791250&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1b8d036a-a006-4ab3-a807-2fbf12e0f404
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c253150d-08ae-4afe-996a-b8403d541763
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2BF89E536B93ECC2394A86FDCEB2ED3A8D44DAAAD3000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDRsdITaSBaVu7P7FsaJ7sB8M2zaD5pWJOJyRKDkPyhl2laatjJ4GPpw9fRmoojaCkPwtnh%2B5n5zqYgpWRj09umfEfokkGXdqKjM2gdh7UBi6SWfvdwiS8oR3WkiWCMkrYg2mkA8u1eQwCc6YuCgc9d2Sw3IlcvZwds%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-qq552
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 7c22b2775cac2bf5-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
582 B 136ms
134ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=516067&pg=f4dae295-7514-4a75-bbe1-e651f9653545&lt=1683223790869&dt=1683223790869&at=1683223791250&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7a529204-74bb-4ef5-8666-8bf0bbffab4e
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bf17da3f-54be-4d47-986a-59d14b3a803a
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2BCC3E4FA0854555CB85819D7460188BBE21C9D421000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BluoOCKJatDTR4Mid7sEoJPdiYEV9ubvXkFu%2B21%2FL2IE08L9fvGPa0OLan%2FGETDe0QJ7s1ISVYrnbkUY4o%2FLEF6UjXjfIHH8U8cSnAiGNrKTXeLXHbdppH%2FPlvbl45kAhS22zOoEpQvGWUOba3%2Fgn4mMP4o7fSnL9AM%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-qq552
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 7c22b2775cae2bf5-FRA

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
729 B 163ms
132ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: c8adf58e-735d-4bc2-a7b2-7b336e57dc58
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 02cb4116-4e2c-4abc-8331-5bcd95c30381
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2B531267F8B658A9A9DED9B5E1E51C56FCD560AC1F000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-dvnh4
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7c22b27788d91cc5-FRA

GET
H2 200 563dbfce-8149-4cdf-9b37-023b9f33f7b2.jpeg
516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/ 24 KB
24 KB 129ms
94ms Image
image/webp 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/563dbfce-8149-4cdf-9b37-023b9f33f7b2.jpeg
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac346ef975a5292f48445c475b70b9f850b286f032015dac44e05f50d35a9da6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 27674c645904e04ed5860bd3bff6d214.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: e4t8WoXL7tlU4sGhrADTGgIYzmK0DHt_
age: 242854
x-amz-cf-pop: MXP64-P1
cf-polished: qual=85, origFmt=jpeg, origSize=42010
x-amz-request-id: 476M2DH00AZG1QE6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="563dbfce-8149-4cdf-9b37-023b9f33f7b2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
content-length: 24260
x-amz-id-2: NNO88zw1wWha7ar+rDWTlNXiVbfoOX7JALr+DyM9Hqo6nsjYJItU90zsyisUW7fK4vpCJBGDgZ8=
last-modified: Wed, 01 Mar 2023 15:10:33 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2eaff3c0dc5c9ae3a52bdd21a0bd76ee"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7c22b2779d779b8c-FRA
x-amz-cf-id: nLX_AJDhFWBLi2BCl4sxnqXIUufz4UuIKfq66LBKIGcdMrqh0i6rMQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
250 B 169ms
138ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: c0665e7e-8e5f-4fad-a973-28e75b086359
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e87cf93d-f03b-452d-95b3-2281ae132e87
last-modified: Thu, 04 May 2023 18:09:51 GMT
server: cloudflare
x-trace: 2BA87AFE8149D9B443CEF44FE83A25A17EDBFFFD2F000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-cxp2g
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7c22b27788dd1cc5-FRA

GET
H2 200 68710882-6c33-473f-a3ae-99446436c573.jpeg
516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/ 17 KB
17 KB 136ms
102ms Image
image/webp 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/68710882-6c33-473f-a3ae-99446436c573.jpeg
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c70b33a61e64c63c7d954785177cfc154fe278360404f3033d1dd5a739a4b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Uc7fjb6mXqs7ojHfZGHd40ZJx4T8GmY0
age: 110488
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=37163
x-amz-request-id: 82DD75ZREQWZW561
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
content-disposition: inline; filename="68710882-6c33-473f-a3ae-99446436c573.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
content-length: 17168
x-amz-id-2: e4pzjJjjwN5srWxruvE0NBo7FV+i3qo+s60yaFjNrazyZbbBUd4SEDaP0Q30uvpYhsLJflCcOmc=
last-modified: Tue, 02 May 2023 19:53:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8425d91f6fce3bd308bb25000df5925c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7c22b2779d7a9b8c-FRA
x-amz-cf-id: EultNd1PjpzEsI2wIKceSbIBMhN5KCq_wswvt3Uc5aYJkqkthbvrEA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 7206175f-7cc7-4799-a59f-b40b8839d357.jpeg
516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/ 30 KB
31 KB 128ms
93ms Image
image/webp 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/7206175f-7cc7-4799-a59f-b40b8839d357.jpeg
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460945d111bfdad5fd45d86b8577f28d571545fd376f19eb7001e84cd47580ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: GrX0BiYOIY91CfCE6LuM51ipgoBCdE6r
age: 110488
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=62336
x-amz-request-id: VPS6SYK53SBX2C5J
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="7206175f-7cc7-4799-a59f-b40b8839d357.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
content-length: 30472
x-amz-id-2: ID6bsfwfpF96qZuFChKCH7+BuJd2zSrbrg5CPb37irQpY6/Gl4tjl2JEkCshporWfWdYUY8FT6U=
last-modified: Tue, 02 May 2023 19:55:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "dd12e8dd6514a271f9232400e7f868f5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7c22b2779d7c9b8c-FRA
x-amz-cf-id: e6wo-V9tsd9UB7dPCjJERIDy7XshomaMczU8mSshoQjATyT7MPBkmg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 28f99f5c-5354-495c-997e-884c72bc2bc7.jpeg
516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/ 15 KB
16 KB 137ms
103ms Image
image/webp 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/28f99f5c-5354-495c-997e-884c72bc2bc7.jpeg
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbda56b922115aa02d221f4c09ac4985c7d24b630cb0ab02ce1a885bad4609b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: MOqWrY_fajl0BN0UEkW3TjlzQ0_xcnBp
age: 278071
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=36783
x-amz-request-id: 01CB4Z91E2X019YR
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="28f99f5c-5354-495c-997e-884c72bc2bc7.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
content-length: 15798
x-amz-id-2: drFqFoQl5ljT/AXWyT1sA+1Qw6XzJhx5mcYmHgt1/CL/wY6mB5qdlVIdfT0zhmzAWMKoZ9ads/w=
last-modified: Mon, 03 Apr 2023 16:50:46 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "ceba6223affdfde442f1a01a3f1d9e5f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7c22b277ad7e9b8c-FRA
x-amz-cf-id: UwgS8u-Wyz_678PNa4ENn38-RMvizrg2oWX6kOgOg2ZHpH2I60Pd4A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 92f62858-5860-4a47-a8e7-2cc1cdc5a6a5.jpeg
516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/ 25 KB
26 KB 137ms
103ms Image
image/webp 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://516067.fs1.hubspotusercontent-na1.net/hubfs/516067/hub_generated/resized/92f62858-5860-4a47-a8e7-2cc1cdc5a6a5.jpeg
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f1ddc4842f7d594cc2c7a96242c4655c2a30e471c8ff65400c33eaed212684

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: EG0xHLVLqIbBSO_vSBg3V2cTPsT3p338
age: 110488
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=52800
x-amz-request-id: G4JNHQECNZ15KZBT
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="92f62858-5860-4a47-a8e7-2cc1cdc5a6a5.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
content-length: 25886
x-amz-id-2: W5LkU4JuRGLDinbHNlaejsSF5PPwmQEV9Bq8rw+l2KnV0hdZviEOSDiXRUBpqN1InDmSGfSwnqI=
last-modified: Tue, 02 May 2023 21:55:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "af98cbbb7c77378a75d9365acd57d7ec"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7c22b277ad809b8c-FRA
x-amz-cf-id: cLe_eCLchnxFN8CKU84ZJzPgq-2FgVHCubAV0ppFuEn9HmMVmdnD3g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 OBOESQZEFVBTXLEGXYYAEP Show response
d.adroll.com/consent/check/ 453 B
546 B 108ms
31ms Script
application/javascript 2a05:d018:cc3:fe04:b7a:cdcb:b18e:304c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/OBOESQZEFVBTXLEGXYYAEP?pv=26647043734.560104&arrfrr=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&_s=7b9c964a85690d84bb72f8704535fec0&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:b7a:cdcb:b18e:304c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 393aa7bdee93f4ce6f9133803664143d79cab49c3497a82c603761f9e149b597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 188 B
1 KB 163ms
141ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=516067

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

976578fa5aeead37e73f9ae33dec0a62e4fc87ed2d6420b48396104b0b1d429a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6a7c9120-4ff7-431a-b51a-1c2567591f3d
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 76938c89-395e-4b30-be55-ff3949a514b2
server: cloudflare
x-trace: 2B3E0E7AB6DA95EB5131C49EDBD536806766146489000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ebiz.payroll.org
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5677b5b686-qz6jv
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vlkEzFso%2FF1qgsuMgn5jNmuip%2FORTKBN1tjK%2B%2Bzu5M0AljLQevIq5cbLHl%2Bd8%2BG7eK%2BIbgP4sDXlD9x%2Foc2UEHGlCXT01T38JAoTMI2wbM%2BcdDsqy1kYmTBkhx6K19h6QQZAqd%2BaokkFstl"}],"group":"cf-nel","max_age":604800}
cf-ray: 7c22b277a958371a-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 12ms
12ms Script
application/javascript 2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date: Thu, 04 May 2023 18:08:16 GMT
Age: 100
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: tmHCWggHi-RlLz1yeaWzPsNmjx4malJ3wTUyw3MYieuU025foNaCug==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:225e:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Thu, 04 May 2023 04:15:12 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 68593
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: QoonYwXyC4yohboZgRN0x2Pu-z3-q7TOsFhsePTrkm2sCldLcpCyrA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827417185

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eaaaa634b6e54572679b04723032f8abd981f137bfb74c39be24868bae22659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 May 2023 18:09:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827417185&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LN4Z6X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cae52e98f82e8938e083ed10820a861310d3af8f35a324e525b363eed57d2365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 May 2023 18:09:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827417185/ 3 KB
2 KB 59ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827417185/?random=1683223791484&cv=11&fst=1683223791484&bg=ffffff&guid=ON&async=1&gtm=45be3530h2&u_w=1600&u_h=1200&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&ref=https%3A%2F%2Fcommunity.payroll.org%2F&hn=www.googleadservices.com&frm=0&tiba=Login&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=405441084.1683223791&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827417185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efd583bb75f48e755526a6f17e58c46d036c58073b6015595667a4ad7ed10a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1285
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/827417185/ 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827417185/?random=1683223791484&cv=11&fst=1683223200000&bg=ffffff&guid=ON&async=1&gtm=45be3530h2&u_w=1600&u_h=1200&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&ref=https%3A%2F%2Fcommunity.payroll.org%2F&frm=0&tiba=Login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3165442465&rmt_tld=0&ipr=y

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/827417185/ 42 B
154 B 23ms
23ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827417185/?random=1683223791484&cv=11&fst=1683223200000&bg=ffffff&guid=ON&async=1&gtm=45be3530h2&u_w=1600&u_h=1200&url=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&ref=https%3A%2F%2Fcommunity.payroll.org%2F&frm=0&tiba=Login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3165442465&rmt_tld=1&ipr=y

Requested by

Host: ebiz.payroll.org
URL: https://ebiz.payroll.org/ebusiness/login.aspx?ReturnURL=H2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
58ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6cc32f39ba1a5c9fde82605c9ae0502607c000fe44472687d39a92b3019db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 99ms
32ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 18:09:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27428
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SZ9kEMmDueT8EbsyPDhmMCxpSJB91V9fN9itWoD68xWQqggMbItjfaMAF2eLzPbXQfdM7HH9HlxEqPasfvinmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
702 B 129ms
126ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791902&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: aebe9821-536f-416b-b807-67ceed7e9331
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 75596db4-779f-430f-97b3-a12fb42c0bb7
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkxQfrBXwCV0eVfW8DqkUllm1PxP%2BJFHWH4gJQ2q%2B8MgqbvvROughiWME5kV26W51AH7UU87fxzKaJ%2FhN47jqyJ%2F33h2OBVrN8rpIdJSLPsSrBuXmbaQpB3XPOpMX7k8EJVhW9nUBCmb%2BKRDAgvM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-5dsgc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7bb02bf5-FRA
x-robots-tag: none

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
294 B 130ms
128ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: e436553b-0082-4db7-9f93-e71e1103bf23
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d6e56fef-4412-4af9-baea-6df432ad7a86
last-modified: Thu, 04 May 2023 18:09:52 GMT
server: cloudflare
x-trace: 2B3FF43609941E37A4E6F9C55BB54D33B8900C672B000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-nglwz
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7c22b27b7ff71cc5-FRA

GET
H2 200 __pto.gif
track.hubspot.com/ 45 B
652 B 141ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__pto.gif?w=1683223791903&m=ReferenceError%3A+hsVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hsVars+is+not+defined%0A++++at+https%3A%2F%2Fjs.hscta.net%2Fcta%2Fcurrent.js%3A1%3A1556%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A43322)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A44068)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A43266)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A65320)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c687b4db-3ee1-40f7-a7a8-72448121fccf
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6b6d21e6-b98c-4b65-956c-2b0ed772a399
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70BXGgiii%2B8t9eiKuFXiGvyuXiAiZuw62mUggCnv%2Bvkxp5dpzKEtr8pMN9T35aQ25z1egpz3FR8MRNnbEb9jVKthNbV95EE4Z%2FlmHEGHzfE5AjscC6ETqg3S%2FRB9miBmhqVjDkvG3lGEpKhp1Nwy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-jndc8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7baa2bf5-FRA
x-robots-tag: none

GET
H2 200 __pto.gif
track.hubspot.com/ 45 B
452 B 140ms
138ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__pto.gif?w=1683223791904&m=ReferenceError%3A+hsVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hsVars+is+not+defined%0A++++at+https%3A%2F%2Fjs.hscta.net%2Fcta%2Fcurrent.js%3A1%3A1556%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A43322)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A44068)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A43266)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1683223500000%2F516067.js%3A19%3A65320)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0473fc80-dd2b-459f-8daf-9818e837893d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 461ec50b-c8f5-40d6-b9ba-5555c4502afb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Lef7FVXHrux6TOfGRkrtDiW9hXs5jkd66AtIlLJx5t78semooUVXP6tswNFKoFIEdRZyALKiN%2FnRUYsnfwladc7PGyUPjl2VB%2BU%2Fo0JylwKY2RoZBLdPRRUzuLF6cMuGF64L7EE432NBuOpxt35"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-mw7ks
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7bac2bf5-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
472 B 131ms
130ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a923c94a-43b1-41c2-933c-8029e7918c3d%22%2C%22a82cdc8b-8338-4740-91e1-32607c006bf7%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791905&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 436698e0-8f62-4b3f-b5b7-77a70201a3e3
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2857971c-c27e-4e9b-ac24-91cbc85fe265
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPbxsYBLIIoz1yFmopIaaodyVJM0PiRNjwsO%2BP5TnkFkmq9f%2F%2Fxi8mtNoMR6oC%2BllBEvTJHU3pbHlXMyX8hdMzENpsepuEv%2B7pPJmBhsMHzzCkHqA9sItGUwbzdlUdEak7GlpzT0goR1QVb5eDrU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-r7kqt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7bad2bf5-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
440 B 132ms
131ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22caa08eff-a7cd-41da-a22d-03989a05e86c%22%2C%226f508493-c525-419e-b7e2-20e64a92eaf4%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791906&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6cc17c0c-ef87-458e-88a3-9bfe39d43d98
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b65c74f9-7aa9-42c9-950a-cc5a1bd71691
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyTCn4uHY9SvwyFpQtGgL5nOJYZ%2FnMDxmDjHqGJb6H5FzMY84gjmCA6fkvvS3Nz%2BhKEcJ%2BOTx9xFm2oMrXPo%2BwCWjm9KHvimb%2FbPcxxZreqdZ2nM8uld5Mbf%2Bvzutz4UzZ0IsLeCurak5Ux5G8VW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-jndc8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7bae2bf5-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
565 B 134ms
133ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2238c05ffd-6bca-4b9e-ac2b-ff854f9c37fe%22%2C%2240249a50-1ddd-47c1-aacc-872d2b371d38%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791907&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec826480-2a48-4fb5-8fdf-94fe1fc2e7fb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27bbebca-4759-498a-bfc3-40f8eb492bf8
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjrh4wiB2OAIG05JtZvuRQEzPavnJL1vaaiXxhwdz2kdLmRtEwztC%2Br2lePiemsu8o60CALCZQxVIcIV%2B1GYybiMErnNugWhi%2BGJb5j%2F7ly74TXDeSSm9DSKl%2Fu6xT%2Frr09M3RFoFaMLH4tuxi9z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-zftp9
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27b7baf2bf5-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
936 B 135ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2277b349d1-25d1-4d9a-9c4b-7dcb46b388f7%22%2C%22785e56c9-e7b0-4fc6-98c9-b02acf6361e9%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791908&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f48d94f1-cb0c-4ee0-9307-54db12a56574
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ccb897c-5bfd-4be5-bdc5-249b2a3bc3fd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcSp0r2xw3aBUOv%2BE732hHVgHEyE5l6XG%2BaXNS%2FA9UoS23WcvXtkSTztrMGVrr1ZLLTckkBZK7Hu2woohAaPu5eswqIRpuYjbWfmVT47IoRGji5aOu%2BmqCbdobcENQ1Xbd1%2FU19rCj%2F7VvB0E8O1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-8d865
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27c4b342c77-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
892 B 141ms
139ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22f4dae295-7514-4a75-bbe1-e651f9653545%22%2C%2291fa72b8-0545-401a-9d38-2c9d957eab61%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=516067&rcu=https%3A%2F%2Flocalhost%2Febusiness%2Flogin.aspx&r=https%3A%2F%2Fcommunity.payroll.org%2F&pu=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&t=Login&cts=1683223791909&vi=7f98886cb11004084e9932fda99d74a2&nc=true&u=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&b=251592985.1.1683223791899&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 51128313-a055-4a47-9f0b-ef13c244b44b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1371cda0-4ddc-446d-ab07-a32749a8fea2
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUEr52YaxvK2u33vFp9vKj1z6dZw4KYZUlpuo3N3iZN4vtJG08UWhsitDELJtFJVc%2FoIFqrhenAafKkX8%2BVMYkAHNc6rYmCaMqHsB2z3TxgI4hoN0YuYcenQWpne5eIscy30Ijn2vq8nXRui9qeD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-tdwqq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c22b27c4b352c77-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
1 KB 171ms
150ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=516067&utk=7f98886cb11004084e9932fda99d74a2&__hstc=251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1&__hssc=251592985.1.1683223791899&referrer=https%3A%2F%2Fcommunity.payroll.org%2F&currentUrl=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d225ebb5591c6ded2f3cc8c9bfa963da6b0bd64cb6ba97f7d351319b38bef0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b37782a3-700d-43d5-a378-2dfbde3fdc48
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5fe56b14-4eab-4b9f-a21a-7049c1bf1192
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ebiz.payroll.org
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkXnrcUNMyINRFnJZz4veL2g7vy4CqRKulnP%2BRs%2BgobjCWcePuOKC5BS7leZ8v0Twm4IwUB%2FpvV%2FqGew2EJfUTo6eQ288WRDgdyyTQwhYVSVOfIfEB5L2ZVeEikJQVoE5JrZ8lg7LIOVY9ZnuJIF"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7c22b27c081f377b-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-b8d87

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 May 2023 18:09:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 98BF 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebiz.payroll.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 17:00:16 GMT
expires: Fri, 03 May 2024 17:00:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBE8 783 B
534 B 24ms
23ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

215bb68aacb5f936725bd998c96c13a621913964c0d60c5b0aaeb995a56f2472

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NqSqPMFrmAZWu02ivejoOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ebiz.payroll.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-NqSqPMFrmAZWu02ivejoOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 18:09:52 GMT
expires: Thu, 04 May 2023 18:09:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.103

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 18:09:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ueLdzhqkj9W8Yw83AcAlsE1RxHAU+8/2li2rOgGnIFv5dN7L5fT+tsyhR3TqPQh+laUDDjBKf9kOPZL8li1HPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 486216198428225 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 239ms
238ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486216198428225?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

462634a7af48ee3531e2d108333906e88ad7c9dd1e54f8f59b3cf61553b410ea

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 18:09:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AbsjzswF3mA29tUeCE2YDINyedBWy58iyGmQw6x0fObwj0v1UD+mNvm40AlDDR5u4YWKZmtto8BiQCjNuG1OFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBE8 0
0 135ms
118ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305010101&jk=2950210110011513&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 ikSMSteO3o14Tpi7JK6I_pos91N-O9tJx_W-F7IaH6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 98BF 37 KB
14 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ikSMSteO3o14Tpi7JK6I_pos91N-O9tJx_W-F7IaH6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a448c4ad78ede8d784e98bb24ae88fe9a2cf7537e3bdb49c7f5be17b21a1fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:22:28 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54EC 42 B
174 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsux11mswjuksBG7m2fMCTk8pxNW-Y7iYaGHlrQ9hJ-VPp6LvJcLB7X1vSDb1tUMBGsvheQmVhVfBw3OSJeF-lFhlzHMf_wYab3u9KtSVb-CARJW_u&sig=Cg0ArKJSzMbKG2opiEL4EAE&id=lidar2&mcvt=1000&p=359,200,509,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2283139738&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683223790977&rpt=125&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 18:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 98BF 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SiOBiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:09:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486216198428225&ev=PageView&dl=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&rl=https%3A%2F%2Fcommunity.payroll.org%2F&if=false&ts=1683223792379&sw=1600&sh=1200&ud[external_id]=7f98886cb11004084e9932fda99d74a2&v=2.9.103&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1683223792377.856736674&cs_est=true&it=1683223792062&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 May 2023 18:09:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
124ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305010101&jk=2950210110011513&bg=!UVKlUgbNAAYV_mUANf47ADkAdvg8Wkn7xPHDXvb72p7ox_a22DdCEnDad3-UHknCiLa6Xeb53XyamPVcli9NIsaCcnZEQqa6hasCAAAAbVIAAAAEaAEHCgBEtKJIz8w2ycjOXBJaAinjPXKy-Fl4zbpYs2NSEvC7gQhevtLjAchIb5FNUFUuY3RrNrrXaD3WaXV7CX9hVoKgydrUxTuZAt70i0E9sRXhwDLnqvVAYcna3LwfvyTkNmqATl2HUqAaNxEicGKgQUgRkTMQrVQlC6dGr6RepdkoLOnFp5DuVRgQJsW9mKKs3w5nahRqq6XBvSkUtXRnT5WGFfYgQYepWZJAcJ38uYuNuDet3HkUtG1L_ai8r7Wzjife4uKIb8wjWSkckOKUt4qAfPbhqNVecheK3P495wlXrqUNPPmUhyzmLd_kxGKeN8NVW84Uvd7HYk-jiEHcNVl5SiTN68XKrS5q88H31jdTBucIM7EkwMZXuLvM8aNDgOP9Gq0zQPdob30bNlNRhmuDhe9q7UETr9Mu0MIR9pXy4KERcyNGnOtjkirO4mJS-dHClhr1l8kr1FjwxnxXym-tn8_dKyLfocEiUdNyrWnNj0D5FDU9tjaeUYZv9D4c1wqMOLkZFt_nAJs2ar2xsISMyhg2M03iiVzVXrcoOs8cepY3yVy01Q6Fkce0AXhZLqZxY8cQolBffN1G-b1kiZaerNWKq5x-c6EwY9_SWuRi2LkgEZDSsVeomVCB1wevUe4W3LYRssyWrbubHdySBaUzeRLFBn9X9aIR1IGYJVCHn1PgOeitgPeUD-DJE6_aDySLiVpBJ5YiWqkw4fsd6aroGU-UguvG6sPC7TWiIfbBXNpg8gSRtarmMc1WLLZnqRVcwCCBplI7ZbFU8F2zYrMzykA9XoZoU4QVKHsEKY8zs0BAfJut1-j3khZnaxUOfORRmS-MjfmxHU59AwcJsgXAaYQjugNSAeQlbCzAZqoOVdsMkFxPB6Eex5zxO20LcsnKnN_9mO5v52zhvGl8Za-I5qSnOW6RfdBjNWSOG8GHGIhyVZkndfWLZzbF1OfgaCtOSON21NAyNrQRlq2H9we-dwNeSUrdPAORxsjlhXwixVZzd8nJ4LyBHVG7rrqHuxvb2VppPd1v75YXcpc5_NmFwXkI3aIaTvcq_Zqud-zv2Re7n7T0PA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486216198428225&ev=Microdata&dl=https%3A%2F%2Febiz.payroll.org%2Febusiness%2Flogin.aspx%3FReturnURL%3DH2LCbM4z1jUMhKi3qvdiSEYjVXOqu10MfY2v2pRKKys%3D&rl=https%3A%2F%2Fcommunity.payroll.org%2F&if=false&ts=1683223792882&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtLogin%5Cn%22%2C%22meta%3Adescription%22%3A%22Login%20-%20Aptify%20e-Busines%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.americanpayroll.org%22%2C%22name%22%3A%22AE%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.americanpayroll.org%3FsearchQuery%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&ud[external_id]=7f98886cb11004084e9932fda99d74a2&v=2.9.103&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1683223792377.856736674&it=1683223792062&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebiz.payroll.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 May 2023 18:09:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.payroll.org
URL: https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

Domain: www.payroll.org
URL: https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
community.payroll.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: h5uq02hpgw34njhx3mwldmvw
community.payroll.org/	1969-12-31 23:59:59	Name: SSORedirectCount Value: 0
ebiz.payroll.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2h0amjejc2z2u1g2kczt2k2s
.payroll.org/	1970-01-20 11:35:10	Name: _gid Value: GA1.2.7011165.1683223791
.payroll.org/	1970-01-20 11:33:43	Name: _gat Value: 1
ebiz.payroll.org/	1970-01-20 20:12:07	Name: visitor_id Value: dcfa2577-954e-4f69-b279-065873b3a7e4
ebiz.payroll.org/	1970-01-20 11:33:58	Name: visit_id Value: 11ac8811-71ab-440c-9c84-4e4dac7a5aec
.payroll.org/	1970-01-20 20:55:19	Name: __gads Value: ID=f1e18c9a188931b9:T=1683223790:S=ALNI_Ma3vzzrk2T7vCeMNoqWls74V4Gouw
.payroll.org/	1970-01-20 20:55:19	Name: __gpi Value: UID=00000bf54daace7d:T=1683223790:RT=1683223790:S=ALNI_MYBxNcW3Aj06yNIVZD2q-YKdZFfDw
.hubspot.com/	1970-01-20 11:33:45	Name: __cf_bm Value: gHWvnM1sNnx2MvYkDyT8yQB4MssRvPfJ9E5vefhNim8-1683223790-0-AdO6peRZCDwFmX6DSnPx31IQHe0LCgz49eMMC7R8nYgLoqnlD9c6tdNg3eWuHyPWoR2XPCFpCxXFTRtzXfNFLis=
.doubleclick.net/	1970-01-20 20:55:19	Name: IDE Value: AHWqTUlMROqnv7hC4n4vo22bH1n2voxX6f0YGGM3K_7WFU1LfVrOfeWa6er9AdU1sMg
ebiz.payroll.org/	1970-01-20 11:35:10	Name: ln_or Value: eyIzMjI1NDYwIjoiZCJ9
.payroll.org/	1970-01-20 21:09:43	Name: _ga_3H3E65SWVW Value: GS1.1.1683223791.1.0.1683223791.0.0.0
.payroll.org/	1970-01-20 21:09:43	Name: _ga Value: GA1.1.585666810.1683223791
.payroll.org/	1970-01-20 20:19:19	Name: _hjSessionUser_505541 Value: eyJpZCI6ImNiODhjOGE4LTI2MDctNWUwOS05Nzk5LWVjOWY3ZmY0NmQyOSIsImNyZWF0ZWQiOjE2ODMyMjM3OTEyMjMsImV4aXN0aW5nIjpmYWxzZX0=
.payroll.org/	1970-01-20 11:33:45	Name: _hjFirstSeen Value: 1
.payroll.org/	1970-01-20 11:33:43	Name: _hjIncludedInSessionSample_505541 Value: 1
.payroll.org/	1970-01-20 11:33:45	Name: _hjSession_505541 Value: eyJpZCI6IjJlYmJjMTI0LTI5M2EtNDIyMy05ZGJjLWRkYjRiZTE3NTE5NCIsImNyZWF0ZWQiOjE2ODMyMjM3OTEyNDQsImluU2FtcGxlIjp0cnVlfQ==
.payroll.org/	1970-01-20 11:33:45	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 12:16:55	Name: UserMatchHistory Value: AQJOSajCWe8oxgAAAYfn9MZVP2fMiBQ6sE5no-E3auVzqKLjHY3iaraYB7YIK07oP9IJbolik9PnQg
.linkedin.com/	1970-01-20 12:16:55	Name: AnalyticsSyncHistory Value: AQImFBtwnv8AUgAAAYfn9MZVXnowT6yRp79XsQMMu69ijTFs89QvWMyiSrqEOa07YgSha4Xb_lyXI76rZPXSvw
.linkedin.com/	1970-01-20 20:19:19	Name: bcookie Value: "v=2&40f02446-00df-45ac-868c-a037dbd77a52"
.linkedin.com/	1970-01-20 11:35:10	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2930:u=1:x=1:i=1683223791:t=1683310191:v=2:sig=AQGo3MOnmyRgC6hQGyT22SG2XWI5Q6ZV"
.payroll.org/	1970-01-20 13:43:19	Name: _gcl_au Value: 1.1.405441084.1683223791
.www.linkedin.com/	1970-01-20 20:19:19	Name: bscookie Value: "v=1&202305041809519f3311c6-174d-498f-8fd7-2ba4ac9ae785AQGSfG9VXB__USzr8AxSlBuQ8vf4boHF"
.linkedin.com/	1970-01-20 15:52:55	Name: li_gc Value: MTswOzE2ODMyMjM3OTE7MjswMjH8vzcbApI50bJwMCYUYbEkBrxb6hQmX+s5s5Q+Kqa63g==
ebiz.payroll.org/	1970-01-20 15:52:55	Name: __hstc Value: 251592985.7f98886cb11004084e9932fda99d74a2.1683223791899.1683223791899.1683223791899.1
ebiz.payroll.org/	1970-01-20 15:52:55	Name: hubspotutk Value: 7f98886cb11004084e9932fda99d74a2
ebiz.payroll.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
ebiz.payroll.org/	1970-01-20 11:33:45	Name: __hssc Value: 251592985.1.1683223791899
.payroll.org/	1970-01-20 13:43:19	Name: _fbp Value: fb.1.1683223792377.856736674

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://www.payroll.org/assets/errorpages/404.aspx?aspxerrorpath=/404.aspx Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

516067.fs1.hubspotusercontent-na1.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.hubapi.com
cdn.linkedin.oribi.io
community.payroll.org
connect.facebook.net
cta-service-cms2.hubspot.com
d.adroll.com
dev.hawksearch.net
ebiz.payroll.org
f8f884deab4593c7d7d0d26a286f0418.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscta.net
js.hsleadflows.net
no-cache.hubspot.com
pagead2.googlesyndication.com
perf.hsforms.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.adroll.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
www.americanpayroll.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.payroll.org
www.payroll.org
13.107.42.14
2001:4860:4802:34::36
2600:9000:2127:5c00:2:53b2:240:93a1
2600:9000:225e:f400:6:9280:1080:93a1
2606:4700:20::681a:5e1
2606:4700:20::681a:a59
2606:4700::6810:75be
2606:4700::6810:88ce
2606:4700::6811:836e
2606:4700::6811:cbcc
2606:4700::6811:d2f3
2606:4700::6812:1734
2606:4700::6812:18c4
2606:4700::6812:873b
2606:4700::6812:a9c0
2606:4700::6812:f0f
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e2::ac40:840f
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:148d
2a03:2880:f028:16:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe04:b7a:cdcb:b18e:304c
34.193.4.92
52.223.62.122
65.9.95.45
65.9.95.91
029030f09934b754e92d2412401d6f35e9b208b9a6356da7da679d669066c9dc
0444d0b16c5943ccfeb8a6cf3e14f6e1ec59dc0a252de39cc139b6298342d58b
07f2b41e869083db0340c2eb83f477877ce2832adc53cb4bd6a371b0e52615c2
0b8695b9564ab0fdfd5d4e9f7d99bddd3c2e5f7278ce13191e544d0e105950c0
0c70b33a61e64c63c7d954785177cfc154fe278360404f3033d1dd5a739a4b8f
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7
0e2bebab63664782658f77dd7d372b6296c64446afbcb41d09db2976674e8bfd
124d4aacce1e9942dab056e0c149874a885e70d853b30bc43540c5ad8fcc3ac0
12d308443c9758c1a752f19ff120afb9ae270cc276c3ce805e1539f4342f5f8e
13bb93325b17fc89cdc669e5da0109da8fd7a82b5c00b31fb549643ac9e7a404
16e3668afb6021e6266a4beb81538bc6a2ad0c0f55b8a37810d1c5509f0c9e86
16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17
1a53f756c8d7eb55e20434146580cfe3eb3eb23a38c9ac992ba3163a6f018951
2131e467dbbf7f6b8852787083b99fbeaa8e2ae80ff871a15fd74a4034677e97
215bb68aacb5f936725bd998c96c13a621913964c0d60c5b0aaeb995a56f2472
282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41
29079d4c81c9f216e7c9942ec97b35afc8b0c0240367f32f83ef294a0e349665
2ec58b711fc918f7b30d43d1c43261c9b2ebdd7f780d41867d83a93b122914b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336ed2a1104c8cc7eebcab43d7aa5d13bae8e73f4156e7622639e3d8c6cfeda1
33958b50e6fbd2254b3e5f6fb6d3c9bf48cfa27d5b4eb6812bc643ca522ae3d9
35f173a99a075ce16b7ae4cdb7449771963f55425e45cbaf910dc17d7751e5c0
384ebb3a6b18fba46505d1421ff20bcd924b64606de2641eec22ed8bc41bf0fb
393aa7bdee93f4ce6f9133803664143d79cab49c3497a82c603761f9e149b597
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3ce2cf958ae2f6a8fb76566e251ec76e9a28c41fd0add9c2d93af2be9d9603ea
3f4a2b83588437dc69085797e0e0a20c893a318c737a94abad9c6ed59116ae6b
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4280ce3ec1c7e3918272cadcf0cb9bf86e22b1231d0e2d88cc8d565159e948b7
460945d111bfdad5fd45d86b8577f28d571545fd376f19eb7001e84cd47580ff
462634a7af48ee3531e2d108333906e88ad7c9dd1e54f8f59b3cf61553b410ea
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fb5dc9bc2c62510524ff7d023d1acdd98a693e2c4c6bc6adbe8dce242d5246
4c22ba3143f11e2f5eb5a277e037c9ea002cf5c84124a05d254a9ae8f3eb6b33
4db6cc32f39ba1a5c9fde82605c9ae0502607c000fe44472687d39a92b3019db
4dcc0d30fb102fa88aaba5e9186ed945395fdc2d9bd307c557c9fd4426e3c6a3
52a6863781dfda3be4008ee7758444265ca2df3c4eb30c4223a6cb9edc20fbf3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f1ddc4842f7d594cc2c7a96242c4655c2a30e471c8ff65400c33eaed212684
5eaca89cc1129c4642268c18d215a70e2ae522438c7bc15ef822d8a024ee5086
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621df04fd58bc9df70ae2415a85cb5dc7888da5df96d7c89ee109e1a592f75a2
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253
748671875975f99a7bd1398d70cc5d82e3730bf856a037c0222145a04deac64f
7918fea01e240c395d204c350ec88c62506c2b8b1f7130613adbb5e357622f01
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b59d285c6d180e7d8c015582fd1c1a0fa5d2d0cdd576273a95354337488b8f5
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fbda56b922115aa02d221f4c09ac4985c7d24b630cb0ab02ce1a885bad4609b
84aad532b77d3e5592e5bd1d9d7231c7df0924612fb8d0c5e4c8401c6bed4249
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852e961aed7d4ae98b596b3f06e2b017039aa0cb83e054f6efa6eed3b53e4c11
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
87b5454ea8bbb07c83c94bb74b404ccd7a8416cff064ac0c48b5f1dc5f5d1b9b
89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22
8a448c4ad78ede8d784e98bb24ae88fe9a2cf7537e3bdb49c7f5be17b21a1fa5
8acfd144e957e03e6d06c3bfd489b4d2e4c78d972ad175128d733b0e3feeafde
8b09f11caf0c2c7f8e25425e5f8338f430e90a0a79a998844e64ed8b89a97030
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
976578fa5aeead37e73f9ae33dec0a62e4fc87ed2d6420b48396104b0b1d429a
997865743b8d70ad1b8df6c9e2321b44bb4e58c02eab370967289833b6fbd536
9a8a5604133e09ad0090be775f1fb91516da6aae476ac12b034e8712ea9e2814
9d225ebb5591c6ded2f3cc8c9bfa963da6b0bd64cb6ba97f7d351319b38bef0d
9eaaaa634b6e54572679b04723032f8abd981f137bfb74c39be24868bae22659
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
a3ea686ef650ee2a9a7b9ccb29bb86a633d39e94a6d3e471ce72f1df190cf52c
a48fcd71c28debc9783fb10cbdad94f8406a39346fbfb9d0456d7fbaea750249
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac346ef975a5292f48445c475b70b9f850b286f032015dac44e05f50d35a9da6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1759bec1d0cf915b2cb392a68d8681d0165bdc47cbec6685e668a603bec333b
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cae52e98f82e8938e083ed10820a861310d3af8f35a324e525b363eed57d2365
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e154a3173e3bc65fa9656ab84cf9f906480c795062a54a2b9d31866fbf1addaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ebebd0aa188f127a3934f4833f58c3421829974c366518cb90c5767faad8962a
ed1ff4a354736f0a0ebc803e5295d7613bb98e6222ba5c09db00c1c01181bad1
edec6071a233a39b369c2cc2645c65baafdb80da5fe2b7718a75cb51bdca7705
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa9f4ee16848b238554191165a38f42d00f5efee8f247dc6eaef8515fece117
efd583bb75f48e755526a6f17e58c46d036c58073b6015595667a4ad7ed10a99
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

ebiz.payroll.org Open in urlscan Pro 2606:4700:20::681a:5e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

93 %HTTPS

89 %IPv6

30 Domains

48 Subdomains

43 IPs

5 Countries

2545 kBTransfer

7418 kBSize

31 Cookies

139 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ebiz.payroll.org Open in urlscan Pro
2606:4700:20::681a:5e1 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

93 %
HTTPS

89 %
IPv6

30
Domains

48
Subdomains

43
IPs

5
Countries

2545 kB
Transfer

7418 kB
Size

31
Cookies

126 HTTP transactions
1 data transactions