www.surepayroll.com Open in urlscan Pro
2606:4700::6811:936b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://citibusinesspayroll.com/onlinepayroll/citibank/
Effective URL:
https://www.surepayroll.com/citgbanker
Submission: On February 04 via manual (February 4th 2020, 3:31:17 pm UTC) from US

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 37 domains to perform 109 HTTP transactions. The main IP is 2606:4700::6811:936b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.surepayroll.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 15th 2019. Valid for: 2 years.

This is the only time www.surepayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.240.144.198 63.240.144.198	17229 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
1 1	63.240.144.205 63.240.144.205	17229 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
28	2606:4700::68... 2606:4700::6811:936b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	184.73.210.203 184.73.210.203	14618 (AMAZON-AES) (AMAZON-AES)
9	159.122.87.153 159.122.87.153	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700::68... 2606:4700::6812:1276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:ce00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	147.75.33.229 147.75.33.229	54825 (PACKET) (PACKET)
1	91.228.74.197 91.228.74.197	27281 (QUANTCAST) (QUANTCAST)
2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:1200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:b600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
2	34.248.116.44 34.248.116.44	16509 (AMAZON-02) (AMAZON-02)
2	143.204.214.33 143.204.214.33	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.57.19.198 52.57.19.198	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	3.124.133.106 3.124.133.106	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.37.48.116 23.37.48.116	16625 (AKAMAI-AS) (AKAMAI-AS)
1	91.228.74.193 91.228.74.193	27281 (QUANTCAST) (QUANTCAST)
1	67.217.81.25 67.217.81.25	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
2	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:81c::2010	15169 (GOOGLE) (GOOGLE)
2	67.217.81.34 67.217.81.34	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
1	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
109	46

1 63.240.144.198 (Darien, United States) 1 redirects

ASN17229 (ATT-CERFNET-BLOCK, US)

citibusinesspayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.240.144.205 (Darien, United States) 1 redirects

ASN17229 (ATT-CERFNET-BLOCK, US)

www.lps.surepayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6811:936b (United States)

ASN13335 (CLOUDFLARENET, US)

www.surepayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.210.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-210-203.compute-1.amazonaws.com

mbsy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER, US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1276 (United States)

ASN13335 (CLOUDFLARENET, US)

dl.episerver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ce00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.197 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.getambassador.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.116.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-116-44.eu-west-1.compute.amazonaws.com

collector-1242.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-33.fra53.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.19.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-19-198.eu-central-1.compute.amazonaws.com

203193.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.133.106 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-133-106.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO, US)

635-bff-282.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.48.116 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-48-116.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.193 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.217.81.25 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)
PTR: b-app12-09.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pendo-static-4707293416390656.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.217.81.34 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)
PTR: b-app12-12.boldchat.com

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

easy.surepayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	surepayroll.com 1 redirects www.lps.surepayroll.com www.surepayroll.com easy.surepayroll.com	313 KB
9	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	137 KB
7	sharethis.com 1 redirects platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com t.sharethis.com	32 KB
4	pendo.io cdn.pendo.io app.pendo.io	118 KB
4	google.de www.google.de	438 B
4	google.com 2 redirects www.google.com	578 B
4	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	75 KB
4	google-analytics.com 2 redirects www.google-analytics.com	18 KB
4	googleapis.com fonts.googleapis.com pendo-static-4707293416390656.storage.googleapis.com	12 KB
3	boldchat.com vmss.boldchat.com vms.boldchat.com	16 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
2	visualstudio.com dc.services.visualstudio.com	830 B
2	pardot.com pi.pardot.com	4 KB
2	facebook.com www.facebook.com	369 B
2	bing.com bat.bing.com	8 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	143 KB
2	tvsquared.com collector-1242.tvsquared.com	9 KB
2	marketo.net munchkin.marketo.net	6 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	getambassador.com cdn.getambassador.com	174 KB
2	googleadservices.com www.googleadservices.com	20 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	googletagmanager.com www.googletagmanager.com	68 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
1	mktoresp.com 635-bff-282.mktoresp.com	303 B
1	licdn.com snap.licdn.com	2 KB
1	tctm.co 203193.tctm.co	18 KB
1	quantcount.com rules.quantcount.com	1 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	youtube.com www.youtube.com Failed
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	episerver.net dl.episerver.net	3 KB
1	mbsy.co mbsy.co	321 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	14 KB
1	citibusinesspayroll.com 1 redirects citibusinesspayroll.com	133 B
109	37

	Domain	Requested by
28	www.surepayroll.com	www.surepayroll.com
9	dev.visualwebsiteoptimizer.com	www.surepayroll.com dev.visualwebsiteoptimizer.com
4	www.google.de	www.surepayroll.com
4	www.google.com	2 redirects www.surepayroll.com
4	www.google-analytics.com	2 redirects www.googletagmanager.com www.surepayroll.com
3	pendo-static-4707293416390656.storage.googleapis.com	cdn.pendo.io
3	l.sharethis.com	1 redirects www.surepayroll.com
2	vms.boldchat.com	vmss.boldchat.com az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	app.pendo.io	cdn.pendo.io
2	pi.pardot.com	www.surepayroll.com pi.pardot.com
2	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
2	www.facebook.com	www.surepayroll.com
2	px.ads.linkedin.com	1 redirects www.surepayroll.com
2	bat.bing.com	www.surepayroll.com
2	s.yimg.com	www.surepayroll.com az416426.vo.msecnd.net
2	connect.facebook.net	www.surepayroll.com connect.facebook.net
2	cdn.pendo.io	www.surepayroll.com cdn.pendo.io
2	collector-1242.tvsquared.com	www.surepayroll.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	munchkin.marketo.net	www.surepayroll.com munchkin.marketo.net
2	stats.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	www.surepayroll.com
2	cdn.getambassador.com	www.surepayroll.com
2	www.googleadservices.com	www.googletagmanager.com
2	static.hotjar.com	www.googletagmanager.com
2	www.googletagmanager.com	www.surepayroll.com www.googletagmanager.com
2	cdnjs.cloudflare.com	www.surepayroll.com
1	easy.surepayroll.com	pi.pardot.com
1	vmss.boldchat.com	www.surepayroll.com
1	pixel.quantserve.com	www.surepayroll.com
1	635-bff-282.mktoresp.com	az416426.vo.msecnd.net
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.surepayroll.com
1	203193.tctm.co	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	script.hotjar.com	static.hotjar.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.youtube.com	www.surepayroll.com
1	az416426.vo.msecnd.net	www.surepayroll.com
1	secure.quantserve.com	www.googletagmanager.com
1	fonts.googleapis.com	www.surepayroll.com
1	platform-api.sharethis.com	www.surepayroll.com
1	dl.episerver.net	www.surepayroll.com
1	mbsy.co	www.surepayroll.com
1	stackpath.bootstrapcdn.com	www.surepayroll.com
1	www.lps.surepayroll.com	1 redirects
1	citibusinesspayroll.com	1 redirects
109	50

This site contains no links.

Subject Issuer	Validity	Valid
www.surepayroll.com DigiCert SHA2 Extended Validation Server CA	`2019-04-15` - `2021-04-23`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.mbsy.co Sectigo RSA Domain Validation Secure Server CA	`2019-03-28` - `2020-04-26`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-15` - `2020-10-09`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.getambassador.com COMODO RSA Domain Validation Secure Server CA	`2019-01-07` - `2020-03-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.tvsquared.com COMODO RSA Domain Validation Secure Server CA	`2018-10-23` - `2020-10-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.tctm.co Let's Encrypt Authority X3	`2020-01-04` - `2020-04-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-01-21` - `2020-03-06`	a month	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
cert1.a1.atm.aqfer.net Let's Encrypt Authority X3	`2019-12-26` - `2020-03-25`	3 months	crt.sh
*.boldchat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-02-05` - `2021-04-03`	2 years	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-01-17`	a year	crt.sh
app.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-07-23` - `2021-10-13`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2019-11-18` - `2021-11-18`	2 years	crt.sh
easy.surepayroll.com Let's Encrypt Authority X3	`2019-12-24` - `2020-03-23`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.surepayroll.com/citgbanker
Frame ID: DE280E3F1A1094D5E2B0612D96878D84
Requests: 105 HTTP requests in this frame

Frame: https://www.youtube.com/embed/I-smf_JAQic?wmode=transparent
Frame ID: 22F5628E96D18568A463C13BC33B5288
Requests: 2 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: 3CBF72FCA42B59A3DE61188831187747
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: B6F289CE1A4532B92CB47F42B6710724
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=0.365.18106&cid=c010&cls=B
Frame ID: 4767D466D7DF7DC5A03106A884C7075F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://citibusinesspayroll.com/onlinepayroll/citibank/ HTTP 302
http://www.lps.surepayroll.com/CITGbanker HTTP 302
https://www.surepayroll.com/citgbanker Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109
Requests

99 %
HTTPS

53 %
IPv6

37
Domains

50
Subdomains

46
IPs

7
Countries

1251 kB
Transfer

4196 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://citibusinesspayroll.com/onlinepayroll/citibank/ HTTP 302
http://www.lps.surepayroll.com/CITGbanker HTTP 302
https://www.surepayroll.com/citgbanker Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1279871149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&ul=en-us&de=UTF-8&dt=Citi%20Banker%20%7C%20SurePayroll&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=190160864&gjid=363134629&cid=973427276.1580830263&tid=UA-610453-1&_gid=546588581.1580830263&_r=1&gtm=2wg1m0MJCDTBT&cd3=null&z=983418496 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_gid=546588581.1580830263&gjid=363134629&_v=j80&z=983418496 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496&slf_rd=1&random=1670246837

Request Chain 46

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1279871149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&ul=en-us&de=UTF-8&dt=Citi%20Banker%20%7C%20SurePayroll&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEDAAEAB~&jid=1072548930&gjid=54429011&cid=973427276.1580830263&tid=UA-610453-59&_gid=546588581.1580830263&_r=1&gtm=2wg1m0MJCDTBT&z=1425942716 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_gid=546588581.1580830263&gjid=54429011&_v=j80&z=1425942716 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716&slf_rd=1&random=2274693988

Request Chain 76

https://l.sharethis.com/pview?event=pview&hostname=www.surepayroll.com&location=%2Fcitgbanker&product=inline-share-buttons&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&source=sharethis.js&fcmp=false&title=Citi%20Banker%20%7C%20SurePayroll&cms=unknown&publisher=5c12a0c91c985700119229ca&sop=true&ts1580830263095=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en HTTP 301
https://l.sharethis.com/sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D777690%26url%3Dhttps%253A%252F%252Fwww.surepayroll.com%252Fcitgbanker%26time%3D1580830263251%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251&liSync=true

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request citgbanker Show response
www.surepayroll.com/
Redirect Chain

http://citibusinesspayroll.com/onlinepayroll/citibank/
http://www.lps.surepayroll.com/CITGbanker
https://www.surepayroll.com/citgbanker

78 KB
26 KB

3495ms
3358ms

Document
text/html

2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c197ab56bf267f36d27a8bcdf6e317f916fdb952ca7dd7c5c0527545afe37db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.surepayroll.com
:scheme: https
:path: /citgbanker
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 04 Feb 2020 15:30:43 GMT
content-type: text/html; charset=utf-8
content-length: 25174
set-cookie: __cfduid=d7e35275305d591b6d6bf62e3f77b6fbb1580830239; expires=Thu, 05-Mar-20 15:30:39 GMT; path=/; domain=.surepayroll.com; HttpOnly; SameSite=Lax ASP.NET_SessionId=wxqoq0eflsi2tapbk0fbvv32; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=wxqoq0eflsi2tapbk0fbvv32; path=/; HttpOnly; SameSite=Lax .EPiForm_BID=14b3896f-0f41-47d3-b1a9-6cf94aeca8bc; expires=Mon, 04-May-2020 15:30:40 GMT; path=/; HttpOnly .EPiForm_VisitorIdentifier=14b3896f-0f41-47d3-b1a9-6cf94aeca8bc:; expires=Mon, 04-May-2020 15:30:40 GMT; path=/; HttpOnly __RequestVerificationToken=SOomqFTHx0esFnMhnPLaMdQyp0WviGZkVkiB8PrKoEFV_5v71nsp_NNb5T9DQ9cIK2VFo5gYj-J4QZiHF8ZyssvE4kg1; path=/; HttpOnly ARRAffinity=babb1fdcd78d3e047e08c5c6d45c466a0f35f297737d421bab1adc276c54b99e;Path=/;HttpOnly;Domain=www.surepayroll.com
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55fdafe7ab086431-FRA

Redirect headers

Location: https://www.surepayroll.com/citgbanker
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 jquery-1.12.4.min.js Show response
www.surepayroll.com/Scripts/ 95 KB
43 KB 24ms
23ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Scripts/jquery-1.12.4.min.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12252264
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43312
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 12:58:22 GMT
server: cloudflare
etag: "0abf740c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdaffdab1d6431-FRA
expires: Wed, 03 Feb 2021 15:30:43 GMT

GET
H2 200 main.css
www.surepayroll.com/Static/dist/css/sprResource-56193c4f4994d55ad7e0b7a62cbb1acd/ 322 KB
103 KB 25ms
24ms Stylesheet
text/css 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/css/sprResource-56193c4f4994d55ad7e0b7a62cbb1acd/main.css

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82aa2c14460abbc8340d70ddd5ab8bc7661095e460f0f8eda6ddec3d4911d77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5478838
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 03 Dec 2019 02:00:46 GMT
server: cloudflare
etag: "01bfe797da9d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-ray: 55fdaffdab1e6431-FRA
expires: Wed, 03 Feb 2021 15:30:43 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 23ms
7ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:54 GMT
access-control-allow-origin: *
etag: "1544639634"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14090

GET
H/1.1 200
OK surepayroll Show response
mbsy.co/embed/v2/getcookie/ 54 B
321 B 19460ms
19119ms Script
application/x-javascript 184.73.210.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mbsy.co/embed/v2/getcookie/surepayroll
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.210.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-210-203.compute-1.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 6df9ff96634af9a2be5f7206fd25cbfeed18db008717541fd7e83b58fd528e2b

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:02 GMT
Via: 1.1 vegur
Server: TornadoServer/5.1.1
Etag: "1257fff1f426159159c810331a1efdb2aaf0d9c2"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 54

GET
H2 200 WebResource.axd
www.surepayroll.com/ 3 KB
1 KB 134ms
133ms Stylesheet
text/css 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/WebResource.axd?d=s-f6ie6T4Qaxga0Un_qm83FAGA4UVdb3eOWsHKxWTQ12I58Ah5qwbm1kt2tvr20p3iIUVfHFd9iixCTrfTJAcLMxCimxslb2Xzd-KfQxS1RZBNv2BsGbs-pXOwnyd6LjYLQhdix8i4swweaUEf-GyCuswQw1&t=637066328160000000

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e0df2df263315f668d2c41c69904e98ca8418d713c26e0e86af04bc4af0452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1053
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Mon, 14 Oct 2019 06:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 55fdaffdab1f6431-FRA
expires: Sun, 24 Jan 2021 13:32:42 GMT

GET
H2 200 WebResource.axd Show response
www.surepayroll.com/ 95 KB
42 KB 475ms
475ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/WebResource.axd?d=rQapnFTl_pgMjn3yGS-nPsGjsc9dNGT8adFIVoR-0olcasIDWDRaRqQOoNRroWA0MXqWPlmkkGiG8tqtObeyQ2J60Ie2kmT4Q41o6PtkxvL8T3pb8hqMew5ZTwplgy0ctkGQKXKoIgxWy-iIkw_6lfKJht41&t=637066328160000000

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43300
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Mon, 14 Oct 2019 06:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 55fdaffdab206431-FRA
expires: Sun, 24 Jan 2021 13:32:42 GMT

GET
H2 200 351544.js Show response
dev.visualwebsiteoptimizer.com/lib/ 246 KB
75 KB 76ms
32ms Script
text/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: f13785c09e9abc1e36e3cf0893832df95878eef67a7a411bb2658cbe5642328a

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-computed: true
date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
server: dacdn2
etag: W/"1580767955"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache,max-age=0, public, max-age=0

GET
H2 200 spr-main-logo.jpg
www.surepayroll.com/globalassets/images/ 4 KB
4 KB 33ms
33ms Image
image/webp 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surepayroll.com/globalassets/images/spr-main-logo.jpg

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345fc7c616056fb34b6c1f08c94b201291a8987fb42b0b6a4cad97784fbb7e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29731
cf-polished: qual=85, origFmt=jpeg, origSize=8575
status: 200
content-disposition: inline; filename="spr-main-logo.webp"
cf-bgj: imgq:85
vary: Accept
content-length: 3944
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 30 Apr 2019 16:34:06 GMT
server: cloudflare
etag: "1D4FF72872FD300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55fdaffdab216431-FRA
expires: Tue, 04 Feb 2020 19:30:43 GMT

GET
H2 200 surepayroll_always-here-to-help_877-366-0151.png
www.surepayroll.com/globalassets/images/partners/ 7 KB
8 KB 551ms
551ms Image
image/png 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surepayroll.com/globalassets/images/partners/surepayroll_always-here-to-help_877-366-0151.png

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42793d9968e418f18cf1e0a5bf9a1ee3f900ea9bf423128ff2146ea6826ed30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 7679
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 12 Mar 2019 14:07:24 GMT
server: cloudflare
etag: "1D4D8DCEA8B7600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 55fdb001cfc26431-FRA
expires: Wed, 05 Feb 2020 03:30:44 GMT

GET
H2 200 GetFormInitScript Show response
www.surepayroll.com/EPiServer.Forms/DataSubmit/ 10 KB
3 KB 534ms
534ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/EPiServer.Forms/DataSubmit/GetFormInitScript?formGuid=07470d1c-83fb-4c74-a04a-e283416b35fa&formLanguage=en

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878d31406d623d2f91d485f6816c9eadba4f96e6bb82d82cfe7d2bb163d344e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
access-control-expose-headers: Request-Context
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 55fdaffdeb506431-FRA
content-length: 2659
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9

GET
H2 200 spr-footer-logo.png
www.surepayroll.com/globalassets/images/ 1 KB
2 KB 22ms
22ms Image
image/webp 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surepayroll.com/globalassets/images/spr-footer-logo.png

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7492d50b831345d36f5fdf42f9a23d18a5c0e0e3d66976b3652ac514070c74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29731
cf-polished: origFmt=png, origSize=3790
status: 200
content-disposition: inline; filename="spr-footer-logo.webp"
cf-bgj: imgq:85
vary: Accept
content-length: 1462
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sat, 24 Nov 2018 01:11:25 GMT
server: cloudflare
etag: "1D483929E9ADC80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55fdb001dfca6431-FRA
expires: Tue, 04 Feb 2020 19:30:44 GMT

GET
H2 200 find.js Show response
dl.episerver.net/13.2.5/epi-util/ 6 KB
3 KB 40ms
15ms Script
application/javascript 2606:4700::6812:1276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.episerver.net/13.2.5/epi-util/find.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3198
x-powered-by: ASP.NET
status: 200
content-length: 2640
last-modified: Thu, 17 Oct 2019 12:43:43 GMT
server: cloudflare
etag: W/"6234-1571316223072"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 55fdaffe0cb7c2f9-FRA
expires: Wed, 05 Feb 2020 15:30:43 GMT

GET
H2 200 WebResource.axd Show response
www.surepayroll.com/ 35 KB
13 KB 471ms
471ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/WebResource.axd?d=TzRGlCddaaqtz0Im2nSJhHeRRlq-jg7P_eNtfRvyMeSUWC9oeE4ye3KpoIJ8eJeRIuNIO7E7FfWrDPNlQTs5vZ2rDxvrtW79WAkoxMYpIOiL2KhNR6TNCGzEuVQcZQkoRWFiPEW7iBLjOMLOPBbRAhLcLN81&t=637066328160000000

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3836e0bed2e5e2a6a702d318af4042cf8ac8a163ca70d5fd33a187e2e6512f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 13041
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Mon, 14 Oct 2019 06:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 55fdaffe2bc86431-FRA
expires: Sun, 24 Jan 2021 13:32:42 GMT

GET
H2 200 main.js Show response
www.surepayroll.com/Static/dist/js/main/sprResource-cb037e8f6d65a4d123e49d010dba787e/ 10 KB
3 KB 56ms
55ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/main/sprResource-cb037e8f6d65a4d123e49d010dba787e/main.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55db50c9721c11691d122bdbf106e5399777a7576da8b12033637f75cbaf5bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36568
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3199
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 17 Dec 2019 22:19:56 GMT
server: cloudflare
etag: "0ce921c28b5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0011f1a6431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 jquery-functions.js Show response
www.surepayroll.com/Static/dist/js/global/sprResource-f6f084daa56cc49a7fd3e35162e47882/ 6 KB
3 KB 19ms
18ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/global/sprResource-f6f084daa56cc49a7fd3e35162e47882/jquery-functions.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87077647d6688d0812550fe8eacdb87f380fa2ce76a849c6d7275b382dbbaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12260521
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2465
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 13:00:42 GMT
server: cloudflare
etag: "0f96994c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0013f326431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 jquery.dataTables.min.js Show response
www.surepayroll.com/Static/dist/js/vendor/ 78 KB
34 KB 25ms
24ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/vendor/jquery.dataTables.min.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df3d8a838fc6f9d6412e3e8dbcbe46073d24e75a23f6275cc88217e0626d537c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36567
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 34958
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 17 Dec 2019 22:19:56 GMT
server: cloudflare
etag: "0ce921c28b5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb001ffec6431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 jquery.fitvids.js Show response
www.surepayroll.com/Static/dist/js/vendor/ 3 KB
1 KB 35ms
35ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/vendor/jquery.fitvids.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b595c4ca0c8a5c9b06021b7300e17d232cdb061302b98317c429bbfc86c632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8316344
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1405
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 29 Oct 2019 20:15:48 GMT
server: cloudflare
etag: "072faa6958ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb00228146431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 moment.min.js Show response
www.surepayroll.com/Static/dist/js/vendor/ 19 KB
8 KB 22ms
21ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/vendor/moment.min.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfecbe118b9759404b3d766f6beffdf9ccbbbb21dd1123289eb1354d0ecb5b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12260521
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 8401
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 13:00:42 GMT
server: cloudflare
etag: "0f96994c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb00258496431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 modernizr.custom.js Show response
www.surepayroll.com/Scripts/ 12 KB
6 KB 21ms
21ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Scripts/modernizr.custom.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a8d01458ae2fc8b519ef48056ba6220c5835c9c40e9685a30046d44f773f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12260521
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 6068
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 12:58:22 GMT
server: cloudflare
etag: "0abf740c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb00288696431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 form-cookies.js Show response
www.surepayroll.com/Static/dist/js/forms/sprResource-43483db4c19c6e47e3810df784d8a9f6/ 4 KB
2 KB 63ms
63ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/forms/sprResource-43483db4c19c6e47e3810df784d8a9f6/form-cookies.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

085c4afa303b843dc6a6b1860c156c86d7d2163d3884e32afc1f304b59c2d6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8404945
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1583
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 29 Oct 2019 20:15:48 GMT
server: cloudflare
etag: "072faa6958ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0015f4d6431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 QuoteForm.js Show response
www.surepayroll.com/Static/dist/js/forms/sprResource-081349d24a290914b82f67239257b63f/ 7 KB
2 KB 20ms
20ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/forms/sprResource-081349d24a290914b82f67239257b63f/QuoteForm.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222f94c6e80f0b3b650ebddaa7cabe92a4571777b82ed1eccfcdd7bc1e3087d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12260521
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2096
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 13:00:42 GMT
server: cloudflare
etag: "0f96994c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0017f6a6431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 ReferralRewardsForm.js Show response
www.surepayroll.com/Static/dist/js/forms/sprResource-3169c8a93dd5180f6574895029c45a71/ 4 KB
1 KB 16ms
16ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/Static/dist/js/forms/sprResource-3169c8a93dd5180f6574895029c45a71/ReferralRewardsForm.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75db834dcf29f78fb5bec93666f7fc253fa5a2ee6a54222c92da44d6d393179a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36567
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1247
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 17 Dec 2019 22:19:56 GMT
server: cloudflare
etag: "0ce921c28b5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0019f8a6431-FRA
expires: Wed, 03 Feb 2021 15:30:44 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 8496170
cf-ray: 55fdb001be69c2ef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Tue, 22 May 2018 14:15:52 GMT
server: cloudflare
etag: W/"5b042618-139e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Jan 2021 15:30:44 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 4 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 8324470
cf-ray: 55fdb001be82c2ef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Tue, 22 May 2018 14:15:52 GMT
server: cloudflare
etag: W/"5b042618-113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Jan 2021 15:30:44 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 90 KB
28 KB 23ms
9ms Script
text/javascript 2600:9000:214f:ce00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:ce00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9c8c2bd991b19902c8cb90bcc99a960a88a9efebaf022cd1d4f474510aa2a757

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:29:42 GMT
content-encoding: gzip
age: 64
etag: W/"167be-8DIvRrzW3PEk4KZ1oorsWTPrmpc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1CoyPs6-QEtphsuiy8SfSuam_4cC73xozwRzY2iogaGHoxV_J7OQ0w==
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ca4886256b91e6b49639211f92b0f7f19c689bd8198740fe2f8b58d04682650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 04 Feb 2020 15:30:43 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 04 Feb 2020 15:30:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 04 Feb 2020 15:30:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
40 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dccdda3062baf6082eb9d1e8bc1e1e392410e777091e360187d23366bb11ee07

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41267
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Feb 2020 15:31:02 GMT

GET
H2 200 gv.gif Show response
dev.visualwebsiteoptimizer.com/ 648 B
594 B 22ms
21ms Script
text/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/gv.gif?a=351544&u=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: eef99fbd7bebd5d5b8e03e837e2d7b90c6203c6f3a53f0b4a1ba79190a995afe

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: gzip
server: dacdn2
timing-allow-origin: *
content-type: text/javascript; charset=UTF-8

GET
H2 200 opa-ec4a5f60e2f69e8abdae242272cca74b.js Show response
dev.visualwebsiteoptimizer.com/analysis/2.0/ 150 KB
43 KB 22ms
22ms Script
application/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-ec4a5f60e2f69e8abdae242272cca74b.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 63de39b7cb45640fb5d0b035ef4f05cc4676619b02270939334abed407e9f3ec

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:17:58 GMT
server: dacdn2
access-control-allow-origin: *
etag: "5dfcade6-a932"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43314

GET
H2 200 track-3a851ae4f8ad73489168e2c099a3c55d.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 22ms
21ms Script
text/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-3a851ae4f8ad73489168e2c099a3c55d.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 19ece2daf3aade1705797690a471d5e3c50d1e342749373b4a123aa9f8c41267

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: br
last-modified: Fri, 31 Jan 2020 14:14:27 GMT
server: dacdn2
access-control-allow-origin: *
etag: "5e343643-dae"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3502

GET
H2 200 tpc Show response
dev.visualwebsiteoptimizer.com/ 33 B
150 B 22ms
22ms Script
text/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/tpc?a=351544&r=0.9076310092032356
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 49cd92ccfacd2748c7ec362930e9de5251c1091b637400a2f547c27b27cbf075

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status: 200
date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: gzip
server: dacdn2
content-type: text/javascript; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
4ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 3449
date: Tue, 04 Feb 2020 14:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Tue, 04 Feb 2020 16:33:33 GMT

GET
H2 200 hotjar-1035906.js Show response
static.hotjar.com/c/ 23 KB
3 KB 153ms
113ms Script
application/javascript 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1035906.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress11

Software

Resource Hash

92c062f0a84e8c42107abb82ee314f753632946ef08c1f6f070323c798951800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
content-length: 3058
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/dea78a93956e954f24b9873408bd7a5a
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.092
accept-ranges: bytes
section-io-id: e9e877530b9bc5877d7ae2608459ec76
section-origin-responded: true

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 105ms
26ms Script
application/x-javascript 91.228.74.197
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.197 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04-Feb-2020 15:31:03 GMT
Server: QS
ETag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Tue, 11 Feb 2020 15:31:03 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 34ms
33ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

338dcbb3305bedccf6f4a34fcc8dd8acc4bf67cfe825f79d7734faaf27696098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9929
x-xss-protection: 0
server: cafe
etag: 14452000459530203521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Feb 2020 15:31:03 GMT

GET
H2 200 hotjar-1433347.js Show response
static.hotjar.com/c/ 3 KB
2 KB 58ms
18ms Script
application/javascript 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1433347.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress11

Software

Resource Hash

81d9b781fec035f866e5dd73dac89e310fd4d2aa4c818fd45641c51cdb841288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 13
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1610
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/06ee31d165b7482e40cd26d26ad31211
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.084
accept-ranges: bytes
section-io-id: 8c7a1395b12e8108723f34f530ddff21
section-origin-responded: true

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
236 B 23ms
21ms Image
image/gif 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=351544&d=surepayroll.com&u=D95C0698B1A75BF9B4A2E4568E72239A4&h=13252920adf1d6d054030e1be6302e75&r=0.20958419627596525

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),

Reverse DNS

99.57.7a9f.ip4.static.sl-reverse.com

Software

dacdn2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
server: dacdn2
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
789 B 26ms
25ms Script
application/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=351544&settings_type=2&vn=6.0&r=0.5848875906899447&u=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 98a7b840c8cb2217f02ae508f724f5b136c2c28b80ab70b86937bb2e9bcd69c4

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
server: dacdn2
content-type: application/javascript; charset=UTF-8

GET
H2 200 dyn Show response
dev.visualwebsiteoptimizer.com/ 247 B
307 B 26ms
25ms Script
text/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/dyn
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/351544.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 5e2101318f20a45523f5acfdf3ae8246754317dda922b9370306bee6a220c5af

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
server: dacdn2
content-type: text/javascript; charset=UTF-8

GET
H2 200 us-3e543582-d07d-42d6-b705-a1243091ad34.js Show response
cdn.getambassador.com/ 357 KB
87 KB 96ms
21ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getambassador.com/us-3e543582-d07d-42d6-b705-a1243091ad34.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy / Express
Resource Hash: 62c9cb4113ae6f7d27c252887e99b85342db6ed2824c953c1e6680dc7113d655

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
age: 320215
x-powered-by: Express
x-cache: HIT
status: 200
content-length: 88783
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
server: Cowboy
x-timer: S1580830263.076121,VS0,VE1
etag: W/"59442-BdAQ6aIVH5n+8O7X05RFMvfubCc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 vegur, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url
x-cache-hits: 1

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Origin: https://www.surepayroll.com

Response headers

date: Sat, 01 Feb 2020 00:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 313716
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:22:27 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 95 KB
22 KB 76ms
19ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: 013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
content-md5: 7JhCKwvLjoUoS5N/nN9LRA==
age: 50427
x-cache: HIT
status: 200
content-length: 21636
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2019 21:34:18 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D6EEB48F61B4AC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2f28fef3-a01e-00ba-2ffa-da04ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, immutable
x-ms-version: 2009-09-19

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Origin: https://www.surepayroll.com

Response headers

date: Wed, 22 Jan 2020 14:33:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1126627
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:33:56 GMT

GET
H2 200 worker.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
14 KB 66ms
23ms XHR
application/javascript 159.122.87.153
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-ec4a5f60e2f69e8abdae242272cca74b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER, US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 7f26039bc285692ece41166f9c171051da8e93c3bae29e9ee1b888335e394bce

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:17:58 GMT
server: dacdn2
status: 200
etag: "5dfcade6-3536"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13622

GET I-smf_JAQic
www.youtube.com/embed/ Frame 22F5 0
0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1279871149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&ul=en-us&de=UTF-8&dt=Citi%20Banker%20%7C%20SurePayroll&sd=24-bit...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_gid=546588581.1580830263&gjid=363134629&_v=j80&z=983418496
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496&slf_rd=1&random=1670246837

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496&slf_rd=1&random=1670246837

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-1&cid=973427276.1580830263&jid=190160864&_v=j80&z=983418496&slf_rd=1&random=1670246837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1279871149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&ul=en-us&de=UTF-8&dt=Citi%20Banker%20%7C%20SurePayroll&sd=24-bit...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_gid=546588581.1580830263&gjid=54429011&_v=j80&z=1425942716
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716&slf_rd=1&random=2274693988

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716&slf_rd=1&random=2274693988

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-610453-59&cid=973427276.1580830263&jid=1072548930&_v=j80&z=1425942716&slf_rd=1&random=2274693988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=1279871149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&ul=en-us&de=UTF-8&dt=Citi%20Banker%20%7C%20SurePayroll&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Pardot&ea=Read%20Pardot%20Visitor%20ID&_u=YEDAAEAB~&jid=&gjid=&cid=973427276.1580830263&tid=UA-610453-59&_gid=546588581.1580830263&gtm=2wg1m0MJCDTBT&z=2078016599

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 07:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27747
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 I-smf_JAQic
www.youtube.com/embed/ Frame 22F5 0
0 128ms
127ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/I-smf_JAQic?wmode=transparent

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/Scripts/jquery-1.12.4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/I-smf_JAQic?wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.surepayroll.com/citgbanker
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker

Response headers

status: 200
content-encoding: br
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
date: Tue, 04 Feb 2020 15:31:03 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=8HwWjZKmtO4; path=/; domain=.youtube.com; secure; expires=Sun, 02-Aug-2020 15:31:03 GMT; httponly; samesite=None YSC=gtiHHJ91wSY; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=8HwWjZKmtO4; path=/; domain=.youtube.com; secure; expires=Sun, 02-Aug-2020 15:31:03 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 04-Feb-2020 16:01:03 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 FormScript.js Show response
www.surepayroll.com/ClientResources/ViewMode/ 5 KB
2 KB 23ms
23ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/ClientResources/ViewMode/FormScript.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/WebResource.axd?d=TzRGlCddaaqtz0Im2nSJhHeRRlq-jg7P_eNtfRvyMeSUWC9oeE4ye3KpoIJ8eJeRIuNIO7E7FfWrDPNlQTs5vZ2rDxvrtW79WAkoxMYpIOiL2KhNR6TNCGzEuVQcZQkoRWFiPEW7iBLjOMLOPBbRAhLcLN81&t=637066328160000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82e236ec4aac84e9fdf26b0c972f0d8f3d81a52d6c21b6646469da7ee54de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8316363
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1843
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 29 Oct 2019 20:13:34 GMT
server: cloudflare
etag: "0ab1b57958ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0781dbe6431-FRA
expires: Wed, 03 Feb 2021 15:31:03 GMT

GET
H2 200 MinimumStringLengthValidator.js Show response
www.surepayroll.com/ClientResources/ViewMode/ 1 KB
703 B 34ms
33ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/ClientResources/ViewMode/MinimumStringLengthValidator.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ddba7b029e4e5e85674320c58e072badc84885efbd38e7f5407c29b600f349d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5994320
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 594
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 19 Nov 2019 23:14:52 GMT
server: cloudflare
etag: "07e93252f9fd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0781dbf6431-FRA
expires: Wed, 03 Feb 2021 15:31:03 GMT

GET
H2 200 MaximumStringLengthValidator.js Show response
www.surepayroll.com/ClientResources/ViewMode/ 1 KB
670 B 26ms
25ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/ClientResources/ViewMode/MaximumStringLengthValidator.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43263e1a4e561dc8c93b62c926c01e776f0d216843be1b4bb1d56042929b3e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12260537
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 594
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Sun, 15 Sep 2019 12:58:22 GMT
server: cloudflare
etag: "0abf740c56bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0781dc46431-FRA
expires: Wed, 03 Feb 2021 15:31:03 GMT

GET
H2 200 PhoneValidator.js Show response
www.surepayroll.com/ClientResources/ViewMode/ 1 KB
647 B 35ms
35ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/ClientResources/ViewMode/PhoneValidator.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6980cd228111179ae58d43ca337cb5ad753bbc5bdf06f8a3e3366b384473aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8404962
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 567
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 29 Oct 2019 20:13:34 GMT
server: cloudflare
etag: "0ab1b57958ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0781dc76431-FRA
expires: Wed, 03 Feb 2021 15:31:03 GMT

GET
H2 200 CustomPositiveIntegerValidator.js Show response
www.surepayroll.com/ClientResources/ViewMode/ 397 B
454 B 21ms
20ms Script
application/x-javascript 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/ClientResources/ViewMode/CustomPositiveIntegerValidator.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cefcfe18cb7a3466eb48a8e879a060e45d3450e1806b7b9001fa11ccd64335ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6441463
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 367
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 19 Nov 2019 23:14:52 GMT
server: cloudflare
etag: "07e93252f9fd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fdb0783e056431-FRA
expires: Wed, 03 Feb 2021 15:31:03 GMT

GET
H2 200 Index
www.surepayroll.com/util/LiveMonitor/Tracking/ 44 B
526 B 129ms
128ms Image
image/gif 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surepayroll.com/util/LiveMonitor/Tracking/Index?contentId=15420&languageId=en&r=0.11350934424328485&referrer=

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, proxy-revalidate, private, no-cache=Set-Cookie
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
cf-ray: 55fdb0784e106431-FRA
content-length: 44
expires: -1

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 82ms
31ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 02:58:58 GMT
Server: Apache
ETag: "84c4b4b08c71ce1110818e8853f50222:1580180338"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 768

GET
H2 200 GetOrganicLink Show response
www.surepayroll.com/cms-app/FormInfo/ 15 B
344 B 140ms
140ms XHR
application/json 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/cms-app/FormInfo/GetOrganicLink?referrer=

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/Scripts/jquery-1.12.4.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b394506bc1433f485a9a6d2b8df6282032cb4cf57e11797e9042aea355d44fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.surepayroll.com/citgbanker
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
access-control-expose-headers: Request-Context
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 55fdb0783e076431-FRA
content-length: 135
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9

GET
H2 200 / Show response
www.surepayroll.com/cms-app/FormInfo/GetSiteEntry/ 57 B
417 B 125ms
125ms XHR
application/json 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surepayroll.com/cms-app/FormInfo/GetSiteEntry/?siteentryurl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/Scripts/jquery-1.12.4.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa537344fa28b1060dd72cdf0d2765508ffd804984c65de95b0388a4aa30c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.surepayroll.com/citgbanker
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
access-control-expose-headers: Request-Context
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 55fdb0783e096431-FRA
content-length: 171
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9

GET
H2 200 5c12a0c91c985700119229ca.js Show response
buttons-config.sharethis.com/js/ 852 B
1 KB 390ms
373ms Script
text/javascript 2600:9000:2057:1200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c12a0c91c985700119229ca.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:1200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d2131a3a82a28076131fcc7129a68ab654cea11b3417d75b2749090dc1eec46

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:04 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 13 Dec 2018 18:33:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "dd262146f6e28c15675761961be79205"
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 852
x-amz-cf-id: PK8zwdRUtTZNmP0Hco9dFJYa_w7TyIW-gzY76vNH-bQeLPKTlWSQ9g==

GET
H2 200 portal.html
c.sharethis.mgr.consensu.org/ Frame 3CBF 0
0 22ms
6ms Document
text/html 2600:9000:2057:b600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.surepayroll.com/citgbanker
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker

Response headers

status: 200
content-type: text/html; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Mon, 27 Jan 2020 20:26:17 GMT
content-encoding: gzip
date: Tue, 04 Feb 2020 15:30:21 GMT
cache-control: max-age=600, public
etag: W/"3802-16fe8aef228"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: wZVVPuaCimHyRUinEJ8I3svBaUWP_JE3Dqd3HlnNYbD9jgW86VH80w==
age: 42

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072465258/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072465258/?random=1580830263114&cv=9&fst=1580830263114&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86be886f9b5e1eb0339ae88e5ae32eb35bdfb8ea2ba2c4934482d2c6ab34d7e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9ad849c74ae56ab50f63.js Show response
script.hotjar.com/ 401 KB
70 KB 59ms
19ms Script
application/javascript 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9ad849c74ae56ab50f63.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1433347.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress11
Software: /
Resource Hash: 5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: br
content-type: application/javascript
age: 607893
status: 200
section-io-cache: Hit
content-length: 71256
last-modified: Tue, 28 Jan 2020 14:35:53 GMT
etag: "1d20895803c0fbc2ae7dc220b20b6a79"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.081
accept-ranges: bytes
section-io-id: 1027d6cb84aff955ccd2e9e44769e2a5
section-origin-responded: true

GET
H2 200 rules-p-0zw96-V5Rcpk6.js Show response
rules.quantcount.com/ 3 KB
1 KB 376ms
361ms Script
application/x-javascript 2600:9000:2057:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-0zw96-V5Rcpk6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b9b662f650ee5329e023ed176b8060380813397f0376021d855da47b3c5b66f

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 11:25:52 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 21:15:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: 0wbWJ9z9pfrxPH-nlhxlxbhMtOGky-u5Urzmrz4sHJu0e6rdgB24-Q==
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame B6F2 0
0 60ms
19ms Document
text/html 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1433347.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress7
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.surepayroll.com/citgbanker
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker

Response headers

status: 200
date: Tue, 04 Feb 2020 15:31:03 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.023
section-origin-responded: true
age: 528884
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 041c01a2c44faa5e196e967f4349c3b2

GET
H/1.1 200
OK tv2track.js Show response
collector-1242.tvsquared.com/ 20 KB
9 KB 188ms
38ms Script
application/javascript 34.248.116.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-1242.tvsquared.com/tv2track.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.116.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-116-44.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0a9aa75388f20120607c9ca759ff9be8076260ee661c01ca367dada52c8f36a0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Nov 2019 13:48:19 GMT
Server: nginx
ETag: "5de121a3-2113"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8467
Expires: Tue, 04 Feb 2020 15:41:03 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072465258/ 42 B
110 B 37ms
37ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072465258/?random=1580830263114&cv=9&fst=1580828400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&async=1&fmt=3&is_vtc=1&random=3190442898&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072465258/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072465258/?random=1580830263114&cv=9&fst=1580828400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&async=1&fmt=3&is_vtc=1&random=3190442898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/ 330 KB
105 KB 101ms
44ms Script
application/javascript 143.204.214.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/pendo.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-33.fra53.r.cloudfront.net
Software: UploadServer /
Resource Hash: 01a05b63d3b62e8d3732323b97d2048dc4b12f510349811285186ef8143de1b0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 02:30:10 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jan 2020 19:10:59 GMT
Server: UploadServer
ETag: "1ad1192a0162359ddaff8b9ce2707f87"
Vary: Accept-Encoding
x-goog-hash: crc32c=pXJOgA==, md5=GtEZKgFiNZ3a/4uc4nB/hw==
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-goog-generation: 1580411459937183
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 106171
Accept-Ranges: bytes
X-GUploader-UploadID: AEnB2UoPtzoPLHACun9BG74wXtthZ5-Bbt-LG2H8WQvE_Qz9E0Lz2oi9PFKNY_OEdnhMLLVH6lsJNwaZPj691uKXr-R6e1KoUA
X-Amz-Cf-Id: WLF9DtDd36ZilTWTorUltOXrqnURLytquZV28CiZEVaBlheYy7yp8w==
Expires: Tue, 04 Feb 2020 02:37:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: V1DmdG2IIqWDKOYuHpK+yx7ANnw9LR2UtMUgs1QIn5bTFFNQTPhOcqIRk7ZgJIxhoJ4dhonR1VCX8ubruxW8eQ==
x-fb-trip-id: 1850256238
date: Tue, 04 Feb 2020 15:31:03 GMT, Tue, 04 Feb 2020 15:31:03 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 us-3e543582-d07d-42d6-b705-a1243091ad34.js Show response
cdn.getambassador.com/ 357 KB
87 KB 26ms
23ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getambassador.com/us-3e543582-d07d-42d6-b705-a1243091ad34.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy / Express
Resource Hash: 62c9cb4113ae6f7d27c252887e99b85342db6ed2824c953c1e6680dc7113d655

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
age: 320215
x-powered-by: Express
x-cache: HIT
status: 200
content-length: 88783
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
server: Cowboy
x-timer: S1580830263.212672,VS0,VE0
etag: W/"59442-BdAQ6aIVH5n+8O7X05RFMvfubCc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 vegur, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url
x-cache-hits: 2

GET
H2 200 t.js Show response
203193.tctm.co/ 52 KB
18 KB 93ms
35ms Script
application/x-javascript 52.57.19.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://203193.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.19.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-19-198.eu-central-1.compute.amazonaws.com
Software: ctm /
Resource Hash: 4090d2f7bc4a888dffea063e8e4598fd028670517fb34276b6a9dbc69b1fba7d

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 15:31:03 GMT
server: ctm
etag: W/5e398e37000319b928948c9b-203193
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=15274
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 24 KB
7 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

6c1472520b668aae52d693d940ccb27e6018a2b6034257eab0e3fa0635d6e05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2486
x-amz-server-side-encryption: AES256
status: 200
content-length: 6923
strict-transport-security: max-age=15552000
x-amz-request-id: 247CF6E76084BD09
x-amz-id-2: 9XGLJEAdfcEbtT38SY/lYfFshIP2d2z+N6zj8PgyHU1dAj2zDjiTwfxZYGbGizaBllxRhQjjLOs=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 24 Feb 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 20 Jan 2020 10:57:46 GMT
server: ATS
etag: "87979af60825dc3955d617bf362ac2cf-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: SLAS5izKJxtni8maKdLju1blUijqa4el
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072465258

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJCDTBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f620166b1596afedcfb66dd4bf2d243f01f44d069dd315fd3f14989a562fa57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28471
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Feb 2020 15:31:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
8 KB 51ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:02 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 514F3AF351A94AC2BA1FA2A593292C42 Ref B: FRAEDGE0113 Ref C: 2020-02-04T15:31:03Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/156/ 9 KB
5 KB 34ms
33ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/156/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 20:22:41 GMT
Server: Apache
ETag: "24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4198
Expires: Thu, 14 May 2020 15:31:03 GMT

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=www.surepayroll.com&location=%2Fcitgbanker&product=inline-share-buttons&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&source=sharethis.js&fcm...
https://l.sharethis.com/sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true

0
-1 B

85ms
21ms

XHR
text/html

3.124.133.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Location: /sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.surepayroll.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 190
Stid: CiAABl45jjcAAAASCMtMAw==

Redirect headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.surepayroll.com
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 190
Stid: CiAABl45jjcAAAASCMtMAw==

GET
H2 200 379850526121944 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/379850526121944?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3ff71010ef86280fc58c30073925e289d896b69dfb32491c42efdeac39ca3b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: YevYxyL2zAxu68u5xRVMqgvzXO7EVX/JXkh9D/ujCJFiMuNlRFwBW9gplLwaLlcIx8f+/hzBqdYJkdm/+auAtw==
x-fb-trip-id: 1850256238
date: Tue, 04 Feb 2020 15:31:03 GMT, Tue, 04 Feb 2020 15:31:03 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D777690%26url%3Dhttps%253A%252F%252Fwww.surepayroll.com%252Fcitgbanker%26time%3D15...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251&liSync=true

0
40 B

165ms
165ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251&liSync=true
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: cPPcyL888BVgNDqIrSoAAA==

Redirect headers

date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: TImUvb888BXwcL3hoCsAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=777690&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&time=1580830263251&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 10075750.json Show response
s.yimg.com/wi/config/ 2 B
169 B 121ms
121ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10075750.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 5C5ADEE6CA4FBD15
x-amz-id-2: lE7xvgLwOkZGz/j969rtpBMaTB42nsCP5sE8sisB30f8o32/58PvxrnZdxKjI/V6RBb9/5hsCvI=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK visitWebPage Show response
635-bff-282.mktoresp.com/webevents/ 2 B
303 B 807ms
167ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://635-bff-282.mktoresp.com/webevents/visitWebPage?_mchNc=1580830263271&_mchCn=&_mchId=635-BFF-282&_mchTk=_mch-surepayroll.com-1580830263270-94439&_mchHo=www.surepayroll.com&_mchPo=&_mchRu=%2Fcitgbanker&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 7fa7eedd-62a3-4d62-93f1-3dfcdeec0c94
Content-Type: text/plain; charset=UTF-8

GET
H2 204 0
bat.bing.com/action/ 0
171 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5637918&Ver=2&mid=ef6141b4-b3c8-ac28-7ae6-d397b4420dda&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Citi%20Banker%20%7C%20SurePayroll&p=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&r=&lt=24014&evt=pageLoad&msclkid=N&rn=493232
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A24CB1AB22564F89AE65E2E1C6F89D5F Ref B: FRAEDGE0113 Ref C: 2020-02-04T15:31:03Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
263 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=379850526121944&ev=PageView&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&rl=&if=false&ts=1580830263313&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1580830263312.970192716&it=1580830263224&coo=false&rqm=GET

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT, Tue, 04 Feb 2020 15:31:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 04 Feb 2020 15:31:03 GMT

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 51 B
510 B 21ms
21ms XHR
text/plain 3.124.133.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=CiAABl45jjcAAAASCMtMAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&publisher=5c12a0c91c985700119229ca&sop=true
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 22fa5e5d55c9012029ac6a56b000f79caae04413b99081935be8e90a49e5a42f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.surepayroll.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 51
Stid: CiAABl45jjcAAAASCMtMAw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 33ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072465258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

338dcbb3305bedccf6f4a34fcc8dd8acc4bf67cfe825f79d7734faaf27696098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9929
x-xss-protection: 0
server: cafe
etag: 14452000459530203521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Feb 2020 15:31:03 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
1 KB 73ms
23ms Script
application/javascript 23.37.48.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.surepayroll.com&gdpr_domain=.consensu.org&rnd=1580830263339

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.37.48.116 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-48-116.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c32b3d4705fa89a97df4adc7accf8802b1701e985ec846e8f88b147536dc402

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 959
Expires: Tue, 04 Feb 2020 16:31:03 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072465258/ 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072465258/?random=1580830263371&cv=9&fst=1580830263371&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42a7ca3b9a79083ab7317254a93a4980dc11649d7ae833bfc83517100a882136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-1242.tvsquared.com/ 43 B
371 B 46ms
46ms Image
image/gif 34.248.116.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-1242.tvsquared.com/tv2track.php?action_name=Citi%20Banker%20%7C%20SurePayroll&idsite=TV-81725472-1&rec=1&r=274998&h=16&m=31&s=3&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&_id=5a89ee799eb64f82&_idts=1580830263&_idvc=0&_idn=1&_viewts=&cvar=%7B%225%22%3A%5B%22pageview%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%5C%22%2C%5C%22prod%5C%22%3A%5C%22%5C%22%2C%5C%22id%5C%22%3A%5C%22%5C%22%2C%5C%22promo%5C%22%3A%5C%22%5C%22%7D%22%5D%7D&cookie=1&res=1600x1200&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22SP-TVS%5C%22%7D%22%5D%7D&gt_ms=3465
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.116.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-116-44.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:03 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP='OTI DSP COR NID STP UNI OTPa OUR'

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072465258/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072465258/?random=1580830263371&cv=9&fst=1580828400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&async=1&fmt=3&is_vtc=1&random=3445098833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072465258/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072465258/?random=1580830263371&cv=9&fst=1580828400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&tiba=Citi%20Banker%20%7C%20SurePayroll&async=1&fmt=3&is_vtc=1&random=3445098833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 15:31:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame 4767 0
0 24ms
23ms Document
text/html 23.37.48.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sharethis.com/a/t_.htm?ver=0.365.18106&cid=c010&cls=B
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.surepayroll.com&gdpr_domain=.consensu.org&rnd=1580830263339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.48.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-48-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: t.sharethis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.surepayroll.com/citgbanker
Accept-Encoding: gzip, deflate, br
Cookie: __stid=CiAABl45jjcAAAASCMtMAw==; __stidv=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker

Response headers

Content-Length: 1084
Cache-Control: max-age=604800
Expires: Tue, 11 Feb 2020 15:31:03 GMT
Date: Tue, 04 Feb 2020 15:31:03 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK pixel;r=1024665078;source=gtm;labels=_fp.event.Default;rf=0;a=p-0zw96-V5Rcpk6;url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker;fpan=1;fpa=P0-848285017-1580830263501;ns=0;ce=1;qjs=1;qv=0e9a7da-201...
pixel.quantserve.com/ 35 B
796 B 27ms
26ms Image
image/gif 91.228.74.193
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1024665078;source=gtm;labels=_fp.event.Default;rf=0;a=p-0zw96-V5Rcpk6;url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker;fpan=1;fpa=P0-848285017-1580830263501;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1580830263501;tzo=-60;ogl=title.Citi%20Banker%20%7C%20SurePayroll%2Cdescription.Citi%20Banker%20%26%20SurePayroll%20Page%2Curl.%2Fcitgbanker%2Cimage.https%3A%2F%2Fwww%252Esurepayroll%252Ecom%2Fglobalassets%2Fimages%2Fhomepage%2Fpayroll-hero%252Ejpg

Requested by

Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.193 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 15:31:03 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK vms.js Show response
vmss.boldchat.com/aid/6500264634829510686/bc.vms4/ 36 KB
13 KB 646ms
155ms Script
text/javascript 67.217.81.25
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vmss.boldchat.com/aid/6500264634829510686/bc.vms4/vms.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.217.81.25 , United States, ASN16815 (GOTO-PRIMARY-AS, US),
Reverse DNS: b-app12-09.boldchat.com
Software: BoldChat/8006 /
Resource Hash: 3db99661de0be62cb4f2c8a284a2f814972a6be1000d21fce94b0420eddb3b18

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:04 GMT
Content-Encoding: gzip
Server: BoldChat/8006
Cache-Control: max-age=172800, public
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Content-Length: 13052
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 418ms
104ms Script
application/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.surepayroll.com
URL: https://www.surepayroll.com/citgbanker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:31:04 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Last-Modified: Mon, 29 Oct 2018 21:17:36 GMT
Server: PardotServer
ETag: "13e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1817
Expires: Thu, 03 Feb 2022 15:31:04 GMT

GET
H2 200 bf506cfa-b006-4806-5f7d-810298f1ff59
app.pendo.io/data/ptm.gif/ 42 B
283 B 155ms
133ms Image
image/gif 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/bf506cfa-b006-4806-5f7d-810298f1ff59?v=2.39.1_prod&ct=1580830263782&jzb=eJzFkE9v6jAQxL8K8jkkweGFPzcaOHABKsipqiyTWMHC2JazIaKU78760UaVqvbam7Wemf3tvFwJXKwgU3ISwElA9s60tXAM5Amng3_jeJzENE1GozQgZ1lLMI7JEg1ss1jN12zH3o5yW-3SQ-ZKDOBFYRoND80sy9b5atfPV8vnfNFfzlHQOIU_BwBbT6Oobduwbpyw_OKMUmFhTlEhodpzfRQO5dYZW5Pp9XO5f_62X3FdNbzyJwnN8i25dUyd9TsWiix3QsOsk-Ko5OBz4mEU04jGNMb8s3C1NBrHNEwm4YAhYOn9-wsIBE3o5BZ0rSrDPdTPrY7-uFUP-IFFk0k6DghIUB49kyB7T_8NvffeFtM2j7Qvx1I6vL3eARqhurE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
status: 200
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 bf506cfa-b006-4806-5f7d-810298f1ff59 Show response
app.pendo.io/data/guide.js/ 44 KB
9 KB 369ms
352ms Script
application/javascript 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/bf506cfa-b006-4806-5f7d-810298f1ff59?jzb=eJx9jjFvgzAQhf_LzQmmblWpbBHJwEJaBWbrCpZjhdjoOILaiv-eSwcvlbqd3vvuvfcDNz95jlT1UIB5P9T7o2nM98WfXPN6LqmHDWDXxTnwL7Iry2NbN9u2rj7aw7baiz_TIM6ZeZwKpZZlyaaZ7IhfFIch6-JVdZ7dJ4aLJcGvlrFHRihS--P0_ywYMLgZnRXCBtOeYE2r0uvfZQKNSDbwLqEiSfUjJ39RuVY617nk3yxNPgaRdfb8lj2ZkWIP63oHQT9cYw&v=2.39.1_prod&ct=1580830263787

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b492460cb9f96e7bfae6fa01484e0a35ef002375f588cda62b929a55ab499630

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
status: 200
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=379850526121944&ev=Microdata&dl=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&rl=&if=false&ts=1580830263815&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Citi%20Banker%20%7C%20SurePayroll%22%2C%22meta%3Adescription%22%3A%22Citi%20Banker%20%26%20SurePayroll%20Page%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Citi%20Banker%20%7C%20SurePayroll%22%2C%22og%3Adescription%22%3A%22Citi%20Banker%20%26%20SurePayroll%20Page%22%2C%22og%3Aurl%22%3A%22%2Fcitgbanker%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.surepayroll.com%2Fglobalassets%2Fimages%2Fhomepage%2Fpayroll-hero.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1580830263312.970192716&it=1580830263224&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:03 GMT, Tue, 04 Feb 2020 15:31:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 04 Feb 2020 15:31:03 GMT

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 113ms
27ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://www.surepayroll.com
Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 15:31:03 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
519 B 254ms
254ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d84e39cac7974bc959fd57f4e7daf63c183d43068f22e669dc73b8f8f2ff3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: BD47CE1B-5E44-4229-8692-BCFC3C092A94
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Feb 2020 15:31:03 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

GET
H/1.1 200
OK guide.css
cdn.pendo.io/agent/releases/2.39.1/ 16 KB
4 KB 21ms
21ms Stylesheet
text/css 143.204.214.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/releases/2.39.1/guide.css?ct=1580830264164
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/pendo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-33.fra53.r.cloudfront.net
Software: UploadServer /
Resource Hash: ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 15:30:42 GMT
Content-Encoding: gzip
Age: 440
X-GUploader-UploadID: AEnB2UqDiTBk7iqWvD9LwVq9jW2D7cQ2AQvr7SJDClZNlJc95RPjA2Z2BuvcQQyK0pnVGcXnlALgwHNdOlMDuxXbmkcj6cF89g
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 2742
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jan 2020 18:33:03 GMT
Server: UploadServer
ETag: "79ebf9d034d448be5a3e5511f22b1af5"
Vary: Accept-Encoding
x-goog-hash: crc32c=lKQ+Eg==, md5=eev50DTUSL5aPlUR8isa9Q==
x-goog-generation: 1580236383657396
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-cache
x-goog-stored-content-length: 2742
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: OzszZ2pJ4zO7oTfjgTrkPlZfEbZwGrCiJyS2uQl-42AkbTEi0ebs-A==
Expires: Wed, 03 Feb 2021 15:23:44 GMT

GET
H2 200 guide.-323232.1578335896649.css
pendo-static-4707293416390656.storage.googleapis.com/ 5 KB
5 KB 174ms
126ms Stylesheet
text/css 2a00:1450:4001:81c::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4707293416390656.storage.googleapis.com/guide.-323232.1578335896649.css?ct=1580830264164
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e014dda516e383861cdc4dadff005002d9497e93ac27d9336e12a610b58807ec

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:04 GMT
status: 200
x-guploader-uploadid: AEnB2UqrpswPO3_Os0uo9KzpSF49iTVwhuc5SyYU7FraAusVj_1F7jcpKSt7ixQ6BtRUIqT8rr4z4jliQk8c4oRWgVDAhL-jtA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5162
last-modified: Mon, 06 Jan 2020 18:38:17 GMT
server: UploadServer
etag: "5e365415cf430b01592360d2da8247d0"
x-goog-hash: crc32c=7QL0+A==, md5=XjZUFc9DCwFZI2DS2oJH0A==
x-goog-generation: 1578335897378771
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 5162
accept-ranges: bytes
content-type: text/css
expires: Tue, 04 Feb 2020 16:31:04 GMT

GET
H2 200 YgX14BAl5x7d_qk6yzIdufImm5k.guide.js Show response
pendo-static-4707293416390656.storage.googleapis.com/guide-content/_kF_-0rFy5D1hKjDsauwbsY5tp8/fqDBhUZ5hIIlSRWDgxc4M4qhqbk/ 14 KB
4 KB 55ms
10ms Script
application/javascript 2a00:1450:4001:81c::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4707293416390656.storage.googleapis.com/guide-content/_kF_-0rFy5D1hKjDsauwbsY5tp8/fqDBhUZ5hIIlSRWDgxc4M4qhqbk/YgX14BAl5x7d_qk6yzIdufImm5k.guide.js
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/bf506cfa-b006-4806-5f7d-810298f1ff59/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5138c8e9e02d952aba7f3926bf3c70cad32b6e34e20a48b165491e21c3ded740

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:30:52 GMT
content-encoding: gzip
age: 12
status: 200
x-guploader-uploadid: AEnB2Uokv1YE32X2ef8RZUXwbkzskHYfBbwiZDWFjVOxRDTqfqj9UgRI0IKISDGs0IHn5hnYZew2i2lstZhpA6fQfONXHjcL5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2970
last-modified: Fri, 24 Jan 2020 21:24:53 GMT
server: UploadServer
etag: "88e4b9e7c45787debfbcf3b895b27e35"
vary: Accept-Encoding
x-goog-hash: crc32c=Ko52zA==, md5=iOS558RXh96/vPO4lbJ+NQ==
x-goog-generation: 1579901093624800
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2970
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Tue, 04 Feb 2020 16:30:52 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 2264ms
2264ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=1810&account_id=36372&title=Citi%20Banker%20%7C%20SurePayroll&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: e9f3c7aefa36adb5822ff66679ffdc1e7cf6400f72a3a1e302e823c1568ae8d9

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 15:31:04 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 16/93/247
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 539
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af2b5460d5c4b685752470ee1d2ffd830025438013102325b32fde10ec91407f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 launcherBadge_custom_706e9027bc0a92f6258a69cd2f52c7ca
pendo-static-4707293416390656.storage.googleapis.com/ 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:81c::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendo-static-4707293416390656.storage.googleapis.com/launcherBadge_custom_706e9027bc0a92f6258a69cd2f52c7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 59a2c29cd430eb5ab3f020a72cb6e259775b27a5eb8d6ec7b58f08d65f852354

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:22:20 GMT
age: 524
status: 200
x-guploader-uploadid: AEnB2UovtmtZwa0oTQ0i1IBUGpk_cV9jy8fNLNE3ZjwiTMraU-8CmyI1MQvCN1w2iHwD7YtqtfVA3iYMpm9l45obn53pR_0rTg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2051
last-modified: Thu, 29 Mar 2018 20:16:44 GMT
server: UploadServer
etag: "ade74172c083927fee9e182670570f8c"
x-goog-hash: crc32c=4p0fZA==, md5=redBcsCDkn/unhgmcFcPjA==
x-goog-generation: 1522354604870506
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2051
accept-ranges: bytes
content-type: image/png
expires: Tue, 04 Feb 2020 16:22:20 GMT

GET
H/1.1 200
OK bc.pv Show response
vms.boldchat.com/aid/6500264634829510686/ 1 KB
2 KB 907ms
458ms Script
text/javascript 67.217.81.34
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vms.boldchat.com/aid/6500264634829510686/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1600&sheight=1200&sdpi=96&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&wdid=3216640478842440047&idid=6437482367040859663&1580830264424&_bcvm_vrid_=true&_bcvm_vid_3216640478842440047=1580830264424Sundefined&_bcvm_vrid_3216640478842440047=1580830264424Sundefined&&hasbutton=false&fcbdid=6437482367605500557
Requested by: Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/6500264634829510686/bc.vms4/vms.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.217.81.34 , United States, ASN16815 (GOTO-PRIMARY-AS, US),
Reverse DNS: b-app12-12.boldchat.com
Software: BoldChat/8006 /
Resource Hash: bfa7d2ec9b69cf060770490d541d26185adcbf9979061978d9ee9fef2d369059

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Boldcenter-VisitID: 6437742332891619366
Date: Tue, 04 Feb 2020 15:31:05 GMT
Server: BoldChat/8006
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Transfer-Encoding: chunked
X-Boldcenter-PageViewID: 6437742332638928942
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK setup Show response
vms.boldchat.com/aid/743443407650141616/api/v1/extendedvisitorinfo/ 24 B
201 B 619ms
159ms XHR
application/json 67.217.81.34
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vms.boldchat.com/aid/743443407650141616/api/v1/extendedvisitorinfo/setup
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.217.81.34 , United States, ASN16815 (GOTO-PRIMARY-AS, US),
Reverse DNS: b-app12-12.boldchat.com
Software: BoldChat/8007 /
Resource Hash: ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.surepayroll.com/citgbanker
Origin: https://www.surepayroll.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 15:31:04 GMT
Server: BoldChat/8007
Content-Length: 24
Content-Type: application/json;charset=UTF-8

GET
H2 200 ButtonIconNoBorderRightGreen-JustChat.png
www.surepayroll.com/globalassets/images/buttons/ 882 B
1 KB 28ms
28ms Image
image/webp 2606:4700::6811:936b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surepayroll.com/globalassets/images/buttons/ButtonIconNoBorderRightGreen-JustChat.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:936b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8421dca9756ad89375e1432fdc19fbb0b70112285e9887d96006ab31c7a654f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 15:31:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8993
cf-polished: origFmt=png, origSize=1682
status: 200
content-disposition: inline; filename="ButtonIconNoBorderRightGreen-JustChat.webp"
cf-bgj: imgq:85
vary: Accept
content-length: 882
request-context: appId=cid-v1:449e1aa4-e4bc-483f-aa21-99c2ea4d96e9
last-modified: Tue, 06 Aug 2019 13:32:31 GMT
server: cloudflare
etag: "1D54C5B65BE4180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=34207
accept-ranges: bytes
cf-ray: 55fdb0865d1c6431-FRA
expires: Wed, 05 Feb 2020 01:01:12 GMT

GET
H/1.0 200
OK analytics Show response
easy.surepayroll.com/ 50 B
1 KB 778ms
452ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://easy.surepayroll.com/analytics?conly=true&visitor_id=344457939&pi_opt_in=&campaign_id=1810&account_id=36372&title=Citi%20Banker%20%7C%20SurePayroll&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&referrer=&visitor_id_sign=a77823701add2f8e491fbdd96c78757cbf53cf62b201c88ae8091f6935c5743637fb2f1606ca5fc9f0d11bce2849475912ba4069
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=1810&account_id=36372&title=Citi%20Banker%20%7C%20SurePayroll&url=https%3A%2F%2Fwww.surepayroll.com%2Fcitgbanker&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://www.surepayroll.com/citgbanker
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 15:31:06 GMT
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp: 16/89/198
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/I-smf_JAQic

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sharethis.com/	1970-01-19 15:54:12	Name: __stidv Value: 2
.youtube.com/	1970-01-19 11:26:22	Name: VISITOR_INFO1_LIVE Value: 8HwWjZKmtO4
.sharethis.com/	1970-01-19 15:54:12	Name: __stid Value: CiAABl45jjcAAAASCMtMAw==
www.surepayroll.com/	1970-01-20 00:38:22	Name: _tq_id.TV-81725472-1.4492 Value: 5a89ee799eb64f82.1580830263.0.1580830263..
www.surepayroll.com/	1970-01-19 07:50:22	Name: __ctmid Value: 5e398e37000319b928948c9b
.surepayroll.com/	1970-01-19 09:16:46	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241580830262%3A72.11786065%3A%3A%3A11_0%2C8_0%3A1
.surepayroll.com/	1970-01-19 09:16:46	Name: _fbp Value: fb.1.1580830263312.970192716
.surepayroll.com/	1970-01-20 00:38:22	Name: _mkto_trk Value: id:635-BFF-282&token:_mch-surepayroll.com-1580830263270-94439
.surepayroll.com/	1970-01-19 16:31:39	Name: __qca Value: P0-848285017-1580830263501
.surepayroll.com/	1970-01-19 15:39:48	Name: _hjid Value: 5ba06012-61c4-4ce7-853f-0eed2a18403b
.surepayroll.com/	1970-01-19 07:07:12	Name: _vwo_sn Value: 0%3A1
www.surepayroll.com/	1970-01-19 07:07:11	Name: livemonitorUserId Value: 300b07c4-cd7f-47be-b2d2-6d579b6ecbdd
.t.sharethis.com/	1970-01-19 07:50:22	Name: pxcelPage_c010_B Value: 0_7_1580830263488
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: gtiHHJ91wSY
www.surepayroll.com/	1970-01-19 15:52:46	Name: ai_user Value: 11kLT\|2020-02-04T15:31:03.127Z
.surepayroll.com/	1970-01-19 07:50:22	Name: __cfduid Value: d4405a4ad65462d40a20267f29a31cbd61580830263
.surepayroll.com/	1970-01-19 07:07:10	Name: _gat_UA-610453-59 Value: 1
.surepayroll.com/	1970-01-19 07:07:10	Name: _gat_UA-610453-1 Value: 1
.surepayroll.com/	1970-01-19 07:08:36	Name: _gid Value: GA1.2.546588581.1580830263
.surepayroll.com/	1970-01-19 07:50:22	Name: __ctmid Value: 5e398e37000319b928948c9b
.youtube.com/	1970-01-19 07:07:12	Name: GPS Value: 1
.surepayroll.com/	1970-01-20 00:38:22	Name: _ga Value: GA1.2.973427276.1580830263
.surepayroll.com/	1970-01-22 22:43:10	Name: _vwo_uuid Value: J3AD276217C64FA58D22B275698F64AB9
www.surepayroll.com/	1970-01-19 07:07:12	Name: ai_session Value: ArGE+\|1580830263337.36\|1580830263337.36
.www.surepayroll.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 3bcbf7c1061aa23e012422ac827fee19fa1c3ed83aefce9ab285fe438bad1af1
www.surepayroll.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wmaicqd501owzlo0ndglnzja
.surepayroll.com/	1970-01-19 09:16:46	Name: _gcl_au Value: 1.1.141390742.1580830263
.surepayroll.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.surepayroll.com/	1970-01-19 15:54:12	Name: _vwo_uuid_v2 Value: D95C0698B1A75BF9B4A2E4568E72239A4\|13252920adf1d6d054030e1be6302e75
.surepayroll.com/	1970-01-19 09:31:10	Name: _vis_opt_s Value: 1%7C

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://203193.tctm.co/t.js(Line 21) Message: localStorage error use cookies
console-api	error	URL: https://203193.tctm.co/t.js(Line 21) Message: cookies are unavailable
console-api	error	URL: https://203193.tctm.co/t.js(Line 21) Message: localStorage error use cookies
console-api	error	URL: https://203193.tctm.co/t.js(Line 21) Message: cookies are unavailable

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

203193.tctm.co
635-bff-282.mktoresp.com
app.pendo.io
az416426.vo.msecnd.net
bat.bing.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.getambassador.com
cdn.pendo.io
cdnjs.cloudflare.com
citibusinesspayroll.com
collector-1242.tvsquared.com
connect.facebook.net
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
dl.episerver.net
easy.surepayroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
mbsy.co
munchkin.marketo.net
pendo-static-4707293416390656.storage.googleapis.com
pi.pardot.com
pixel.quantserve.com
platform-api.sharethis.com
px.ads.linkedin.com
rules.quantcount.com
s.yimg.com
script.hotjar.com
secure.quantserve.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
t.sharethis.com
vars.hotjar.com
vms.boldchat.com
vmss.boldchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.lps.surepayroll.com
www.surepayroll.com
www.youtube.com
www.youtube.com
143.204.214.33
147.75.33.131
147.75.33.229
151.101.114.133
152.199.19.160
159.122.87.153
172.217.21.226
18.232.28.189
184.73.210.203
192.28.147.68
2001:4de0:ac19::1:b:3b
23.37.48.116
2600:9000:2057:1200:c:abe:f440:93a1
2600:9000:2057:b600:c:a9b7:ddc0:93a1
2600:9000:2057:c800:6:44e3:f8c0:93a1
2600:9000:214f:ce00:1c:8a07:5e80:93a1
2606:4700::6811:4104
2606:4700::6811:936b
2606:4700::6812:1276
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::2013
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2010
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9c
2a02:26f0:10c:39e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
3.124.133.106
34.248.116.44
51.140.6.23
52.202.69.186
52.57.19.198
63.240.144.198
63.240.144.205
67.217.81.25
67.217.81.34
91.228.74.193
91.228.74.197
95.101.176.176
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
01a05b63d3b62e8d3732323b97d2048dc4b12f510349811285186ef8143de1b0
085c4afa303b843dc6a6b1860c156c86d7d2163d3884e32afc1f304b59c2d6a1
0a9aa75388f20120607c9ca759ff9be8076260ee661c01ca367dada52c8f36a0
0ddba7b029e4e5e85674320c58e072badc84885efbd38e7f5407c29b600f349d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19ece2daf3aade1705797690a471d5e3c50d1e342749373b4a123aa9f8c41267
1aa537344fa28b1060dd72cdf0d2765508ffd804984c65de95b0388a4aa30c53
1b394506bc1433f485a9a6d2b8df6282032cb4cf57e11797e9042aea355d44fc
1c197ab56bf267f36d27a8bcdf6e317f916fdb952ca7dd7c5c0527545afe37db
222f94c6e80f0b3b650ebddaa7cabe92a4571777b82ed1eccfcdd7bc1e3087d1
22fa5e5d55c9012029ac6a56b000f79caae04413b99081935be8e90a49e5a42f
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
338dcbb3305bedccf6f4a34fcc8dd8acc4bf67cfe825f79d7734faaf27696098
345fc7c616056fb34b6c1f08c94b201291a8987fb42b0b6a4cad97784fbb7e41
34e0df2df263315f668d2c41c69904e98ca8418d713c26e0e86af04bc4af0452
35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb
3836e0bed2e5e2a6a702d318af4042cf8ac8a163ca70d5fd33a187e2e6512f98
3db99661de0be62cb4f2c8a284a2f814972a6be1000d21fce94b0420eddb3b18
4090d2f7bc4a888dffea063e8e4598fd028670517fb34276b6a9dbc69b1fba7d
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42a7ca3b9a79083ab7317254a93a4980dc11649d7ae833bfc83517100a882136
43263e1a4e561dc8c93b62c926c01e776f0d216843be1b4bb1d56042929b3e7c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49cd92ccfacd2748c7ec362930e9de5251c1091b637400a2f547c27b27cbf075
50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055
5138c8e9e02d952aba7f3926bf3c70cad32b6e34e20a48b165491e21c3ded740
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55db50c9721c11691d122bdbf106e5399777a7576da8b12033637f75cbaf5bb9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
59a2c29cd430eb5ab3f020a72cb6e259775b27a5eb8d6ec7b58f08d65f852354
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4
5ca4886256b91e6b49639211f92b0f7f19c689bd8198740fe2f8b58d04682650
5e2101318f20a45523f5acfdf3ae8246754317dda922b9370306bee6a220c5af
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
62c9cb4113ae6f7d27c252887e99b85342db6ed2824c953c1e6680dc7113d655
63de39b7cb45640fb5d0b035ef4f05cc4676619b02270939334abed407e9f3ec
65a8d01458ae2fc8b519ef48056ba6220c5835c9c40e9685a30046d44f773f0a
6c1472520b668aae52d693d940ccb27e6018a2b6034257eab0e3fa0635d6e05d
6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75
6d84e39cac7974bc959fd57f4e7daf63c183d43068f22e669dc73b8f8f2ff3f2
6df9ff96634af9a2be5f7206fd25cbfeed18db008717541fd7e83b58fd528e2b
75db834dcf29f78fb5bec93666f7fc253fa5a2ee6a54222c92da44d6d393179a
7d2131a3a82a28076131fcc7129a68ab654cea11b3417d75b2749090dc1eec46
7f26039bc285692ece41166f9c171051da8e93c3bae29e9ee1b888335e394bce
81d9b781fec035f866e5dd73dac89e310fd4d2aa4c818fd45641c51cdb841288
82aa2c14460abbc8340d70ddd5ab8bc7661095e460f0f8eda6ddec3d4911d77d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8421dca9756ad89375e1432fdc19fbb0b70112285e9887d96006ab31c7a654f3
86be886f9b5e1eb0339ae88e5ae32eb35bdfb8ea2ba2c4934482d2c6ab34d7e7
878d31406d623d2f91d485f6816c9eadba4f96e6bb82d82cfe7d2bb163d344e1
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8b9b662f650ee5329e023ed176b8060380813397f0376021d855da47b3c5b66f
92c062f0a84e8c42107abb82ee314f753632946ef08c1f6f070323c798951800
98a7b840c8cb2217f02ae508f724f5b136c2c28b80ab70b86937bb2e9bcd69c4
9c32b3d4705fa89a97df4adc7accf8802b1701e985ec846e8f88b147536dc402
9c8c2bd991b19902c8cb90bcc99a960a88a9efebaf022cd1d4f474510aa2a757
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360
af2b5460d5c4b685752470ee1d2ffd830025438013102325b32fde10ec91407f
b42793d9968e418f18cf1e0a5bf9a1ee3f900ea9bf423128ff2146ea6826ed30
b492460cb9f96e7bfae6fa01484e0a35ef002375f588cda62b929a55ab499630
bfa7d2ec9b69cf060770490d541d26185adcbf9979061978d9ee9fef2d369059
bfecbe118b9759404b3d766f6beffdf9ccbbbb21dd1123289eb1354d0ecb5b6d
c3ff71010ef86280fc58c30073925e289d896b69dfb32491c42efdeac39ca3b2
c5b595c4ca0c8a5c9b06021b7300e17d232cdb061302b98317c429bbfc86c632
c82e236ec4aac84e9fdf26b0c972f0d8f3d81a52d6c21b6646469da7ee54de16
c87077647d6688d0812550fe8eacdb87f380fa2ce76a849c6d7275b382dbbaa3
cefcfe18cb7a3466eb48a8e879a060e45d3450e1806b7b9001fa11ccd64335ff
dccdda3062baf6082eb9d1e8bc1e1e392410e777091e360187d23366bb11ee07
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
df3d8a838fc6f9d6412e3e8dbcbe46073d24e75a23f6275cc88217e0626d537c
e014dda516e383861cdc4dadff005002d9497e93ac27d9336e12a610b58807ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
e9f3c7aefa36adb5822ff66679ffdc1e7cf6400f72a3a1e302e823c1568ae8d9
ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
eef99fbd7bebd5d5b8e03e837e2d7b90c6203c6f3a53f0b4a1ba79190a995afe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13785c09e9abc1e36e3cf0893832df95878eef67a7a411bb2658cbe5642328a
f620166b1596afedcfb66dd4bf2d243f01f44d069dd315fd3f14989a562fa57b
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6
f6980cd228111179ae58d43ca337cb5ad753bbc5bdf06f8a3e3366b384473aca
f7492d50b831345d36f5fdf42f9a23d18a5c0e0e3d66976b3652ac514070c74f

www.surepayroll.com Open in urlscan Pro 2606:4700::6811:936b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

99 %HTTPS

53 %IPv6

37 Domains

50 Subdomains

46 IPs

7 Countries

1251 kBTransfer

4196 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.surepayroll.com Open in urlscan Pro
2606:4700::6811:936b Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

99 %
HTTPS

53 %
IPv6

37
Domains

50
Subdomains

46
IPs

7
Countries

1251 kB
Transfer

4196 kB
Size

30
Cookies

109 HTTP transactions
1 data transactions