jh.staging-worklayer.com Open in urlscan Pro
35.222.6.218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jh.staging-worklayer.com/
Submission: On September 30 via manual (September 30th 2020, 1:25:45 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 24 domains to perform 66 HTTP transactions. The main IP is 35.222.6.218, located in United States and belongs to GOOGLE, US. The main domain is jh.staging-worklayer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 1st 2020. Valid for: 3 months.

This is the only time jh.staging-worklayer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.222.6.218 35.222.6.218	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81b::2010	15169 (GOOGLE) (GOOGLE)
1	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:21f... 2600:9000:21f3:c000:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	147.75.80.95 147.75.80.95	54825 (PACKET) (PACKET)
2	54.213.165.90 54.213.165.90	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:e0:... 2606:4700:e0::ac40:6402	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	34.240.31.203 34.240.31.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2	52.41.92.51 52.41.92.51	16509 (AMAZON-02) (AMAZON-02)
1	54.189.150.4 54.189.150.4	16509 (AMAZON-02) (AMAZON-02)
4	18.233.176.127 18.233.176.127	14618 (AMAZON-AES) (AMAZON-AES)
2	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:c12e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
66	36

1 35.222.6.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.6.222.35.bc.googleusercontent.com

jh.staging-worklayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c000:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.80.95 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.165.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-165-90.us-west-2.compute.amazonaws.com

gw.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6402 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.31.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.92.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.189.150.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)

taxfyle-staging.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.233.176.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c12e (United States)

ASN13335 (CLOUDFLARENET, US)

assets.themuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googleapis.com storage.googleapis.com fonts.googleapis.com	1 MB
8	launchdarkly.com app.launchdarkly.com events.launchdarkly.com	2 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	74 KB
5	googletagmanager.com www.googletagmanager.com	47 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	google.de ampcid.google.de www.google.de	694 B
3	lr-ingest.io cdn.lr-ingest.io r.lr-ingest.io	111 KB
3	google.com ampcid.google.com www.google.com	765 B
3	oribi.io cdn.oribi.io gw.oribi.io	35 KB
3	google-analytics.com www.google-analytics.com	51 KB
2	pardot.com pi.pardot.com	4 KB
2	segment.io api.segment.io	176 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	bing.com bat.bing.com	8 KB
2	licdn.com snap.licdn.com	3 KB
2	polyfill.io cdn.polyfill.io	391 B
1	gstatic.com fonts.gstatic.com	36 KB
1	themuse.com assets.themuse.com	19 KB
1	auth0.com taxfyle-staging.auth0.com
1	segment.com cdn.segment.com
1	googleadservices.com www.googleadservices.com	11 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	stripe.com checkout.stripe.com	27 KB
1	staging-worklayer.com jh.staging-worklayer.com	3 KB
66	24

	Domain	Requested by
8	storage.googleapis.com	jh.staging-worklayer.com storage.googleapis.com
5	www.googletagmanager.com	jh.staging-worklayer.com
4	events.launchdarkly.com	storage.googleapis.com
4	app.launchdarkly.com	storage.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	r.lr-ingest.io	cdn.lr-ingest.io
2	pi.pardot.com	jh.staging-worklayer.com pi.pardot.com
2	api.segment.io	storage.googleapis.com
2	in.hotjar.com	script.hotjar.com storage.googleapis.com
2	www.google.de	jh.staging-worklayer.com
2	www.google.com	jh.staging-worklayer.com
2	px.ads.linkedin.com	1 redirects jh.staging-worklayer.com
2	gw.oribi.io	cdn.oribi.io storage.googleapis.com
2	bat.bing.com	www.googletagmanager.com jh.staging-worklayer.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	fonts.googleapis.com	storage.googleapis.com
2	cdn.polyfill.io	jh.staging-worklayer.com
1	fonts.gstatic.com	fonts.googleapis.com
1	assets.themuse.com
1	taxfyle-staging.auth0.com	storage.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	ampcid.google.de	www.google-analytics.com
1	cdn.lr-ingest.io	storage.googleapis.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.segment.com	jh.staging-worklayer.com
1	cdn.oribi.io	jh.staging-worklayer.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	storage.googleapis.com
1	checkout.stripe.com	jh.staging-worklayer.com
1	jh.staging-worklayer.com
66	35

This site contains no links.

Subject Issuer	Validity	Valid
staging-worklayer.com Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
oribi.io Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.oribi.io Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
c3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-23` - `2021-04-20`	7 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-08-29` - `2021-09-28`	a year	crt.sh
*.auth0.com Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2019-12-26` - `2020-12-26`	a year	crt.sh
*.launchdarkly.com Gandi Pro SSL CA 2	`2018-09-12` - `2020-10-30`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://jh.staging-worklayer.com/
Frame ID: AFB9C2D7D3E45D55B15C38FC99B13C38
Requests: 59 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 1DA0A8E6D94FC2365813AF6E62599013
Requests: 1 HTTP requests in this frame

Frame: https://taxfyle-staging.auth0.com/authorize?client_id=JdncTDKTMeX0mHHN53wLYjvLz4Mf3VFs&audience=https%3A%2F%2Fapi.worklayer.com&redirect_uri=https%3A%2F%2Fjh.staging-worklayer.com&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=VGM3LmJOM2hLdXhwWldpOWg4ZjVadmJiOTNEVmdDZDB3M1dyUFIyeURoVg%3D%3D&nonce=LkFnb25rLWFwZDNXa002ZkFIak5vLmk0Vm1Ia2hoNVdGSUhmUjlaUDM3WQ%3D%3D&code_challenge=-5s__qI69OYhR1Mmn1UPbY4EDwnFaH3-H8eJaiwchXw&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTIuMSJ9
Frame ID: 4F4CB7EE4399B9791FEE6DD824C411EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/cdn\.polyfill\.io\//i
script /\/polyfill\.min\.js/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

66
Requests

97 %
HTTPS

61 %
IPv6

24
Domains

35
Subdomains

36
IPs

7
Countries

1663 kB
Transfer

6744 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D568810%26time%3D1601472328345%26url%3Dhttps%253A%252F%252Fjh.staging-worklayer.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&liSync=true

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jh.staging-worklayer.com/ 11 KB
3 KB 447ms
184ms Document
text/html 35.222.6.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.222.6.218 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

218.6.222.35.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

164ea4fc6e8eb4b2c2d8359b479697885c72190656124fc163c00917e37ac61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: jh.staging-worklayer.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
content-encoding: br
date: Wed, 30 Sep 2020 13:25:27 GMT
x-envoy-upstream-service-time: 57
server: istio-envoy

GET
H2 200 bundle.css
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 174 KB
21 KB 150ms
129ms Stylesheet
text/css 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 81d4a50e1751feb179b7ceaf6c5850f4481c07d44abff36192c27fbdff7d7232

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:27 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-UwcCwutm5a5ij2FGB8Mki5q0srN9MsdLh9K2R7ypmnOkiRohMSqtuQNPTpvWS8VACAlFktjnxZfrSNb_eFkk4c
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21128
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "c17972828795cd6f980261870d652f65"
vary: Accept-Encoding
x-goog-hash: crc32c=SNItVg==, md5=wXlygoeVzW+YAmGHDWUvZQ==
x-goog-generation: 1601320062830097
cache-control: public, max-age=172800
x-goog-stored-content-length: 21128
accept-ranges: bytes
content-type: text/css
expires: Fri, 02 Oct 2020 13:25:27 GMT

GET
H2 200 checkout.js Show response
checkout.stripe.com/ 101 KB
27 KB 101ms
24ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49c1c191416354506ac7fdfc0a72b4225219761c34e33f2c33a1f3be91b41699

Security Headers

Name

Value

Content-Security-Policy

connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; default-src 'self'; font-src 'none'; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; media-src 'none'; object-src 'self' https://*.stripecdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com

Strict-Transport-Security

max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 298
x-cache: HIT
status: 200
content-length: 26571
x-amz-id-2: rehcF0KyY5ZJM3BcffxBSTI8gpMtPk1Zj/xVrOXu22uFzFIKuxQcpbWJCWFvjLCikmu2ctpyYOk=
x-served-by: cache-hhn4066-HHN
timing-allow-origin: *
last-modified: Wed, 23 Sep 2020 19:56:10 GMT
server: AmazonS3
x-timer: S1601472328.890911,VS0,VE0
etag: "ccca41b57af13305be04d6adfeddc0e8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: E2E2D62E4E0FE7FD
via: 1.1 varnish
cache-control: no-cache
content-security-policy: connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; default-src 'self'; font-src 'none'; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; media-src 'none'; object-src 'self' https://*.stripecdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 66

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
222 B 7ms
6ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 12180046
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 13:13:15 GMT
date: Wed, 30 Sep 2020 13:25:27 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vendor.js Show response
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 4 MB
1 MB 152ms
132ms Script
application/javascript 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 58c37db242ff853108e1540675ace742a02dc9b7bfbd38c567ae7a97e6832a7f

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:27 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-UxzHcTiGgKvdVMezAK3xp81cCRmen6jrLzeOkMfzoXiqQrXhia2NCfkg2r5axHrDOllWXzw4hu1KUqhFG_I1xc
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064196
last-modified: Mon, 28 Sep 2020 19:07:43 GMT
server: UploadServer
etag: "bb660b37fc349ebe620648a49af9c68d"
vary: Accept-Encoding
x-goog-hash: crc32c=IutXog==, md5=u2YLN/w0nr5iBkikmvnGjQ==
x-goog-generation: 1601320063657413
cache-control: public, max-age=172800
x-goog-stored-content-length: 1064196
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Oct 2020 13:25:27 GMT

GET
H3-Q050 200 app.js Show response
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 173 KB
33 KB 156ms
141ms Script
application/javascript 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/app.js
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 42db0ec829b31c78e2fd81cffcc7f4a48787ce4364b47ab1715048e39fd4aed1

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-UxgSFw9ZPCAr9hlFGiSRzgyorgoWhRajAYOShItcs-vDo2-bW-OKmI4hv4kiVIaL_TNA3LqGqeS0z9Qd8U9dHQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33006
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "f6e664b04d7ec372a9ebda48e13a3d96"
vary: Accept-Encoding
x-goog-hash: crc32c=tuw65A==, md5=9uZksE1+w3Kp69pI4To9lg==
x-goog-generation: 1601320062878027
cache-control: public, max-age=172800
x-goog-stored-content-length: 33006
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Oct 2020 13:25:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
949 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7eeb692a7dcfef1ad0f563e530ad4a3d9aaaf5f3a5cd7bdf825a3ba07b3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 13:05:13 GMT
server: ESF
date: Wed, 30 Sep 2020 13:25:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Sep 2020 13:25:27 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 9ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6591

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/bundle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 13:25:27 GMT
server: ESF
date: Wed, 30 Sep 2020 13:25:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Sep 2020 13:25:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
47 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39695a90778db77f2535efc3cba2794a9930aeaef149ed83a444124b067ed290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Sep 2020 13:25:28 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 222 B
169 B 7ms
6ms Other
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 12180046
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 13:13:15 GMT
date: Wed, 30 Sep 2020 13:25:27 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3107
date: Wed, 30 Sep 2020 12:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 30 Sep 2020 14:33:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 32ms
32ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 13:25:28 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 13:25:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=48334
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 hotjar-1180126.js Show response
static.hotjar.com/c/ 8 KB
3 KB 70ms
36ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1180126.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress9

Software

Resource Hash

7b704847c980231dda8924a6f0f5e820e43a388400a3101292239e02ebdcf771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 2790
cache-control: max-age=60
etag: W/85422b409e565773c63a0e7f13572945
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.019
section-io-id: 76f424868e39aac58cc97df162742906
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 29ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ57NXB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:27 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 0D4AD57B188C4341BA8EE0304E95ED55 Ref B: FRAEDGE1516 Ref C: 2020-09-30T13:25:28Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 oribi.js Show response
cdn.oribi.io/XzM3MDY1ODk1Mw/ 107 KB
34 KB 68ms
32ms Script
application/javascript 2600:9000:21f3:c000:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/XzM3MDY1ODk1Mw/oribi.js
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c727be3b5698d432f6d2ba6af4c7af21570c0f65df6704e03035eb950dce6590

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:24:59 GMT
content-encoding: gzip
age: 29
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: A93gAhe2-OCm5A7RTsdMvx1RCxkJhwsMAOcGczRtdElOhsP5zXsZ7w==
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-application-context: application

GET
H2 404 analytics.min.js
cdn.segment.com/analytics.js/v1/9sT8NdGpaGOmOEiw3iEYOOIjqv1H1N7w/ 0
0 660ms
607ms Script
text/plain 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/9sT8NdGpaGOmOEiw3iEYOOIjqv1H1N7w/analytics.min.js
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
etag: "328257380186d550f96adf638ff85092"
age: 163
x-cache: Error from cloudfront
status: 404
content-length: 49
last-modified: Mon, 25 Jun 2018 17:54:06 GMT
server: AmazonS3
date: Wed, 30 Sep 2020 13:23:02 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: L75RyBBrvYmbkKWS5aTCcg-f2WrzZWtcnh0_8a0t00C8OhUbeGk0xA==

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
117 B 26ms
25ms Image
image/gif 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TZ57NXB&cv=59&v=3&t=t&pid=272023545&rv=9g1&es=1&e=gtm.js&eid=1&tc=38&tr=1gclidw.1ua.1sp.1bzi.1hjtc.1opt.1baut.1cvt.7cvt.1cl.1cl.1cl.1cl.1html.5html.1html.5html.5gclidw.5cl.5cl.5cl.5cl&ti=1gclidw.1ua.1sp.2bzi.2hjtc.1opt.1baut.2cvt.2cvt.1cl.1cl.1cl.1cl.1html.1html.1html.1html.1gclidw.1cl.1cl.1cl.1cl&z=0

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 13:25:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56892
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
571 B 35ms
13ms XHR
application/json 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://jh.staging-worklayer.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
93 B 128ms
127ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25030145&Ver=2&mid=4e871988-584d-4850-e553-63c6decd959d&sid=fa90da058dbb7bc9cf7274080984b402&vid=75ba8ca22d2ac8029db34d7bd5afc4bc&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&kw=taxfyle,tax%20return,accounting,mobile%20app&p=https%3A%2F%2Fjh.staging-worklayer.com%2F&r=&lt=741&evt=pageLoad&msclkid=N&sv=1&rn=493595
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 30 Sep 2020 13:25:27 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 795C56E178164F24B0BC7EE492C20631 Ref B: FRAEDGE1516 Ref C: 2020-09-30T13:25:28Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
20 B 25ms
25ms Image
image/gif 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TZ57NXB&cv=59&v=3&t=t&pid=272023545&rv=9g1&es=1&e=gtm.dom&eid=4&tc=38&z=0

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/938580557/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/938580557/?random=1601472328163&cv=9&fst=1601472328163&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&tiba=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb975e45de3945f42ecf04215d9f598ecbba3caa982cb353171cc96b6654ffba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8c9f7a4fca3b8ef02840.js Show response
script.hotjar.com/ 355 KB
70 KB 55ms
16ms Script
application/javascript 147.75.80.95
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.8c9f7a4fca3b8ef02840.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1180126.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.80.95 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress16
Software: /
Resource Hash: e819a94846634dbdeb4b5c9b045eafc80f62549c246b2e44e8f498355ed63524

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
age: 26449
status: 200
section-io-cache: Hit
content-length: 71611
last-modified: Tue, 29 Sep 2020 17:52:23 GMT
etag: "1efeca42bb81d81f42769eaf172cd936"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.101
section-io-id: 866f00c07c59fe09d6d16eb67dfd6b1d
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

POST
H2 202 event Show response
gw.oribi.io/ 0
414 B 553ms
184ms XHR
text/plain 54.213.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/XzM3MDY1ODk1Mw/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.165.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-165-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
status: 202
vary: Origin
content-type: text/plain
access-control-allow-origin: https://jh.staging-worklayer.com
access-control-allow-credentials: true
content-length: 0
x-application-context: application

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 593 KB
109 KB 62ms
44ms Script
text/javascript 2606:4700:e0::ac40:6402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce2f21031c7967ee814084ad77a35ad2d51c51207c072d2d5a48c7957ccd3b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178
x-cache: MISS
status: 200
cf-request-id: 0580c98a8c0000dff393066200000001
x-served-by: cache-fra19153-FRA
last-modified: Tue, 29 Sep 2020 19:37:24 GMT
server: cloudflare
x-timer: S1601408317.198514,VS0,VE435
etag: W/"d9fe757118e262a0f2eb5bda3c6761cf02e02ec7b22a9aeae7650dd077039183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601472328"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 5dae4524192adff3-FRA
x-cache-hits: 0

OPTIONS
H2 200 5db0a6c71b0bf608a1d431e2
app.launchdarkly.com/sdk/goals/ Frame 0
0 144ms
103ms Other
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5db0a6c71b0bf608a1d431e2

Protocol

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://jh.staging-worklayer.com
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
accept-ranges: bytes
date: Wed, 30 Sep 2020 13:25:28 GMT
via: 1.1 varnish
x-served-by: cache-ams21020-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1601472328.385183,VS0,VE88
vary: Accept-Encoding
strict-transport-security: max-age=300
age: 0

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/5db0a6c71b0bf608a1d431e2/users/ Frame 0
0 142ms
101ms Other 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5db0a6c71b0bf608a1d431e2/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://jh.staging-worklayer.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
ld-region: us-east-1
accept-ranges: bytes
date: Wed, 30 Sep 2020 13:25:28 GMT
via: 1.1 varnish
x-served-by: cache-ams21020-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1601472328.385399,VS0,VE86
strict-transport-security: max-age=300
age: 0
content-length: 0

GET
H2 200 5db0a6c71b0bf608a1d431e2 Show response
app.launchdarkly.com/sdk/goals/ 2 B
214 B 107ms
107ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5db0a6c71b0bf608a1d431e2

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.18.1
Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
status: 200
access-control-max-age: 300
strict-transport-security: max-age=300
content-length: 26
x-served-by: cache-ams21020-AMS
access-control-allow-origin: *
x-timer: S1601472328.488776,VS0,VE92
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: OPTIONS, HEAD, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 0

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/5db0a6c71b0bf608a1d431e2/users/ 756 B
375 B 105ms
105ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5db0a6c71b0bf608a1d431e2/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca741f3d1bfbb974cab26ce17768a4ba0a1ea56555e8de9f6f78c27fad0ae2b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.18.1
Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Authorization
age: 0
x-cache: MISS
status: 200
access-control-max-age: 300
x-served-by: cache-ams21020-AMS
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1601472328.487363,VS0,VE90
etag: "196ca"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
500 B 34ms
14ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://jh.staging-worklayer.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK 9e5af011-a5ef-4752-963b-b2b5b82773ee
https://jh.staging-worklayer.com/ 28 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jh.staging-worklayer.com/9e5af011-a5ef-4752-963b-b2b5b82773ee
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f124a8528655147aa44cc0d9aa366705aa8fd737cbff8a0a725d4dbfc9ce52b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 28416
Content-Type: application/javascript

GET
H3-Q050 200 43e6878740ec832ee808e9490d74b7f7.mp3
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 1 KB
2 KB 146ms
146ms Media
audio/mpeg 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/43e6878740ec832ee808e9490d74b7f7.mp3
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a4d3d6a473fd2f5d73cd6563520c136573b600d1423a3a5a718cd1393dae9f2d

Request headers

Referer: https://jh.staging-worklayer.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
x-guploader-uploadid: ABg5-UzAyAdR3mNmr-2Sa1W8ST5emi0UTry-O1QiI32AqiHCCZw_joRHC6YBZ_95RBcS-d2DHoPWKVhjYY4xIkcqDR4OFwf4sA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1460
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "d5327099487df746f402c30466ae6e5b"
x-goog-hash: crc32c=ABaQAw==, md5=1TJwmUh990b0AsMEZq5uWw==
x-goog-generation: 1601320062585784
cache-control: public, max-age=172800
x-goog-stored-content-length: 1460
accept-ranges: bytes
content-type: audio/mpeg
expires: Fri, 02 Oct 2020 13:25:28 GMT

GET
H3-Q050 200 d7fc92a9c33ab6bfdc6498fdd84ca21c.mp3
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 1 KB
2 KB 252ms
251ms Media
audio/mpeg 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/d7fc92a9c33ab6bfdc6498fdd84ca21c.mp3
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 13296f316f035197ec46c570d08b211a6ed894ada34dc954990b6f5b29131d43

Request headers

Referer: https://jh.staging-worklayer.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
x-guploader-uploadid: ABg5-UwWxiIYGveMBE6S8oUcGYn2KO6_EUaom5TnHkIUDDqYhQenncRCXIjLozgwRXTGeglMAPMF8YFCMHdp5E5poLG5_tQu-Q
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "6a7090c10c130bab16aaaec901064a60"
x-goog-hash: crc32c=rlSxEw==, md5=anCQwQwTC6sWqq7JAQZKYA==
x-goog-generation: 1601320062582053
cache-control: public, max-age=172800
x-goog-stored-content-length: 1356
accept-ranges: bytes
content-type: audio/mpeg
expires: Fri, 02 Oct 2020 13:25:28 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 1DA0 0
0 52ms
15ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1180126.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress3
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jh.staging-worklayer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://jh.staging-worklayer.com/

Response headers

status: 200
date: Wed, 30 Sep 2020 13:25:28 GMT
content-type: text/html
content-length: 851
last-modified: Tue, 29 Sep 2020 17:52:10 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.046
section-origin-responded: true
age: 23079
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: a8cab1cdd15c85c40eaff7e41cccf24e

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D568810%26time%3D1601472328345%26url%3Dhttps%253A%252F%252Fjh.staging-worklayer.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&liSync=true

0
41 B

173ms
173ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&liSync=true
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: ddX5GpmSORZwy7GelCsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 0rDQEZmSORaApeOO/ioAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: AA393635A14F4532B2C499E9D8261D36 Ref B: FRAEDGE1519 Ref C: 2020-09-30T13:25:28Z
x-frame-options: sameorigin
date: Wed, 30 Sep 2020 13:25:27 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=568810&time=1601472328345&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/938580557/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/938580557/?random=1601472328163&cv=9&fst=1601470800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&tiba=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&async=1&fmt=3&is_vtc=1&random=594432075&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/938580557/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/938580557/?random=1601472328163&cv=9&fst=1601470800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fjh.staging-worklayer.com%2F&tiba=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&async=1&fmt=3&is_vtc=1&random=594432075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 14ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1731067116&t=pageview&_s=1&dl=https%3A%2F%2Fjh.staging-worklayer.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEADQAQCAC~&jid=156407548&gjid=1934119226&cid=149006580.1601472328&tid=UA-65860030-1&_gid=428112098.1601472328&_r=1&gtm=2wg9g1TZ57NXB&z=394470976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://jh.staging-worklayer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
33 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W4C2NBW&t=gtm3&cid=149006580.1601472328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

feff09c32b088553672fd3b3438642df2feb5ab0f7ace6235a89b34acb35a5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33241
x-xss-protection: 0
expires: Wed, 30 Sep 2020 13:25:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-65860030-1&cid=149006580.1601472328&jid=156407548&gjid=1934119226&_gid=428112098.1601472328&_u=aEBAAEACQAQCAC~&z=489453774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Sep 2020 13:25:28 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://jh.staging-worklayer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 11ebaacc-398c-433b-879d-dae63c8f35a7
https://jh.staging-worklayer.com/ 408 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jh.staging-worklayer.com/11ebaacc-398c-433b-879d-dae63c8f35a7
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7f194c6eb560025d7cf42a2cb771976d2df2e692046ffe5b112fb8555ac2e52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 417720

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1180126/ 178 B
321 B 103ms
39ms XHR
application/json 34.240.31.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1180126/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8c9f7a4fca3b8ef02840.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.31.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 30 Sep 2020 13:25:28 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 30ms
29ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-65860030-1&cid=149006580.1601472328&jid=156407548&_u=aEBAAEACQAQCAC~&z=765013896

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
87 B 31ms
30ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-65860030-1&cid=149006580.1601472328&jid=156407548&_u=aEBAAEACQAQCAC~&z=765013896

Requested by

Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 batch
api.segment.io/v1/ Frame 0
0 536ms
178ms Other 52.41.92.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/batch
Protocol: H2
Server: 52.41.92.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://jh.staging-worklayer.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Wed, 30 Sep 2020 13:25:29 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://jh.staging-worklayer.com
access-control-max-age: 604800
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 batch Show response
api.segment.io/v1/ 21 B
176 B 179ms
179ms XHR
application/json 52.41.92.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/batch
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.92.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Accept: application/json, text/plain, */*
Referer: https://jh.staging-worklayer.com/
Authorization: Basic OXNUOE5kR3BhR09tT0VpdzNpRVlPT0lqcXYxSDFON3c6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

status: 200
date: Wed, 30 Sep 2020 13:25:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://jh.staging-worklayer.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 authorize
taxfyle-staging.auth0.com/ Frame 4F4C 0
0 569ms
202ms Document
text/html 54.189.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://taxfyle-staging.auth0.com/authorize?client_id=JdncTDKTMeX0mHHN53wLYjvLz4Mf3VFs&audience=https%3A%2F%2Fapi.worklayer.com&redirect_uri=https%3A%2F%2Fjh.staging-worklayer.com&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=VGM3LmJOM2hLdXhwWldpOWg4ZjVadmJiOTNEVmdDZDB3M1dyUFIyeURoVg%3D%3D&nonce=LkFnb25rLWFwZDNXa002ZkFIak5vLmk0Vm1Ia2hoNVdGSUhmUjlaUDM3WQ%3D%3D&code_challenge=-5s__qI69OYhR1Mmn1UPbY4EDwnFaH3-H8eJaiwchXw&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTIuMSJ9

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.150.4 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: taxfyle-staging.auth0.com
:scheme: https
:path: /authorize?client_id=JdncTDKTMeX0mHHN53wLYjvLz4Mf3VFs&audience=https%3A%2F%2Fapi.worklayer.com&redirect_uri=https%3A%2F%2Fjh.staging-worklayer.com&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=VGM3LmJOM2hLdXhwWldpOWg4ZjVadmJiOTNEVmdDZDB3M1dyUFIyeURoVg%3D%3D&nonce=LkFnb25rLWFwZDNXa002ZkFIak5vLmk0Vm1Ia2hoNVdGSUhmUjlaUDM3WQ%3D%3D&code_challenge=-5s__qI69OYhR1Mmn1UPbY4EDwnFaH3-H8eJaiwchXw&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTIuMSJ9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jh.staging-worklayer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://jh.staging-worklayer.com/

Response headers

status: 200
date: Wed, 30 Sep 2020 13:25:29 GMT
content-type: text/html;charset=UTF-8
server: nginx
vary: Accept-Encoding
ot-tracer-spanid: 40fb8e2b66935dae
ot-tracer-traceid: 2691f3ee7ce124ba
ot-tracer-sampled: true
ot-baggage-auth0-request-id: b257de1c53c6cb68081d6cc0
x-auth0-requestid: 7e3cd9584115518dcc1f
set-cookie: did=s%3Av0%3A6878b4f0-0320-11eb-81ad-376b689614d6.LiBffs4S4eT7RfZcBNbabjXEabmc4kkOaySa%2BN9j5Dw; Max-Age=31557600; Path=/; Expires=Thu, 30 Sep 2021 19:25:29 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A6878b4f0-0320-11eb-81ad-376b689614d6.LiBffs4S4eT7RfZcBNbabjXEabmc4kkOaySa%2BN9j5Dw; Max-Age=31557600; Path=/; Expires=Thu, 30 Sep 2021 19:25:29 GMT; HttpOnly; Secure
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1601472330
cache-control: no-cache, no-store
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip

POST
H2 202 event Show response
gw.oribi.io/ 0
413 B 185ms
184ms XHR
text/plain 54.213.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.165.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-165-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Sep 2020 13:25:29 GMT
status: 202
vary: Origin
content-type: text/plain
access-control-allow-origin: https://jh.staging-worklayer.com
access-control-allow-credentials: true
content-length: 0
x-application-context: application

GET
H3-Q050 200 login.css
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 6 KB
2 KB 138ms
137ms Stylesheet
text/css 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/login.css
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/app.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f86ff256a006e9e1d33f377306235cd5431a2d901bdd47abd150b6e7149afc6

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:29 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-Uwn-3BEpY3mfjf5MJZE-I16VkVGGViF7iR9IpeWL8BgtSkUvcFafmxuB2zDiPck-495qLfleeXrbcL1MSogDhc
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1566
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "5de8947950494e1fae434f28f23854a2"
vary: Accept-Encoding
x-goog-hash: crc32c=6VPJcA==, md5=XeiUeVBJTh+uQ08o8jhUog==
x-goog-generation: 1601320062608426
cache-control: public, max-age=172800
x-goog-stored-content-length: 1566
accept-ranges: bytes
content-type: text/css
expires: Fri, 02 Oct 2020 13:25:29 GMT

GET
H3-Q050 200 login.js Show response
storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/ 9 KB
4 KB 126ms
125ms Script
application/javascript 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/login.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/app.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3396d0ff81ac32ca4964252d8017897f06a0b8a0429774aac7a774494bb310d8

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:29 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-Uyz40LzDxMn_nbrrRaVdjht3FJztyehFRMvLxeTc8EenLOnWDn0CJBVDo_JI66cJKqBncOJLU-rKdpyIIKyCVQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4245
last-modified: Mon, 28 Sep 2020 19:07:42 GMT
server: UploadServer
etag: "e77fd0fed35db57091d78bf6f3031dcb"
vary: Accept-Encoding
x-goog-hash: crc32c=R++SpQ==, md5=53/Q/tNdtXCR14v28wMdyw==
x-goog-generation: 1601320062741255
cache-control: public, max-age=172800
x-goog-stored-content-length: 4245
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Oct 2020 13:25:29 GMT

OPTIONS
H/1.1 204
No Content 5db0a6c71b0bf608a1d431e2
events.launchdarkly.com/events/diagnostic/ Frame 0
0 299ms
99ms Other
application/json 18.233.176.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5db0a6c71b0bf608a1d431e2

Protocol

HTTP/1.1

Server

18.233.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://jh.staging-worklayer.com
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 30 Sep 2020 13:25:29 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=300

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 399ms
101ms Script
application/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 13:25:29 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Last-Modified: Fri, 13 Mar 2020 19:48:39 GMT
Server: PardotServer
ETag: "1442-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1842
Expires: Fri, 30 Sep 2022 13:25:29 GMT

POST
H/1.1 202
Accepted 5db0a6c71b0bf608a1d431e2 Show response
events.launchdarkly.com/events/diagnostic/ 0
504 B 104ms
103ms XHR
application/json 18.233.176.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5db0a6c71b0bf608a1d431e2

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://jh.staging-worklayer.com/login
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 30 Sep 2020 13:25:29 GMT
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1180126/ 178 B
320 B 39ms
39ms XHR
application/json 34.240.31.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1180126/visit-data?sv=7
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.31.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 30 Sep 2020 13:25:29 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 small_logo.png
assets.themuse.com/uploaded/companies/11695/ 18 KB
19 KB 759ms
741ms Image
image/png 2606:4700::6810:c12e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.themuse.com/uploaded/companies/11695/small_logo.png?v=fa0ffa402ee54f725184a219da7a16c1e2dbda2e35786584a06cc695beef35ed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c12e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa0ffa402ee54f725184a219da7a16c1e2dbda2e35786584a06cc695beef35ed

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:30 GMT
cf-cache-status: MISS
x-amz-request-id: 811DDEBF557A0072
cf-ray: 5dae452b1ac93244-FRA
status: 200
content-length: 18612
x-amz-id-2: cu0NOs7P2mPWiuEE3SfBsZtB4whFVnnxk4llxUe1t4xA35wmEcFlpjFUG3JJsXggVNeR+3F6pR0=
last-modified: Mon, 13 Aug 2018 19:19:00 GMT
server: cloudflare
etag: "9efce509c38db1b3473d365b38b35ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DC.geyvyHVXqXZJ1aOc6oCJpEF91WEEA
cache-control: public, max-age=155520000
cf-request-id: 0580c98ef10000324437293200000001
accept-ranges: bytes
content-type: image/png
expires: Thu, 04 Sep 2025 13:25:30 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
43 B 25ms
25ms Image
image/gif 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TZ57NXB&cv=59&v=3&t=t&pid=272023545&rv=9g1&es=1&e=*&eid=8&u=C&tc=38&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:29 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 signup-graphic.svg
storage.googleapis.com/taxfyle-assets-public/taxfyle-workspace-assets/ 117 KB
118 KB 132ms
131ms Image
image/svg+xml 2a00:1450:4001:81b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/taxfyle-assets-public/taxfyle-workspace-assets/signup-graphic.svg
Requested by: Host: jh.staging-worklayer.com
URL: https://jh.staging-worklayer.com/login
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fae7e08e0d5cbe67ceaab52fbdd5aa574045c4c9557f5dac1237f5abb0c7a1a6

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:29 GMT
age: 0
x-guploader-uploadid: ABg5-UyE1Ks2_nrUWKTQLJCMKqLgucJre1rjm4TZtGdZvBO3pJD-9rPupPsZo7W3cOgfP9oVDJaU6x7aAQfbLMjExzQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120156
last-modified: Fri, 22 May 2020 15:28:27 GMT
server: UploadServer
etag: "7c57f0c8f2ad69ca7c9ac96739ea120e"
x-goog-hash: crc32c=GA9aVg==, md5=fFfwyPKtacp8mslnOeoSDg==
x-goog-generation: 1590161307698316
cache-control: public, max-age=3600
x-goog-stored-content-length: 120156
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 30 Sep 2020 14:25:29 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v2/ 36 KB
36 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://jh.staging-worklayer.com
Referer: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 09:12:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:37:45 GMT
server: sffe
age: 187994
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36564
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:12:15 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 337ms
336ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1605&account_id=604381&title=Tax%20Pro%20From%20Home%20by%20Jackson%20Hewitt&url=https%3A%2F%2Fjh.staging-worklayer.com%2Flogin&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 661ef89dfeb4f2b803c3f66e515a52ad22e71321fc81dfb8f9ae36a15fc20f2d

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Sep 2020 13:25:29 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 16/73/217
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 558
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
20 B 32ms
31ms Image
image/gif 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TZ57NXB&cv=59&v=3&t=t&pid=272023545&rv=9g1&es=1&e=gtm.load&eid=10&u=C&tc=38&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 13:25:29 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content 5db0a6c71b0bf608a1d431e2
events.launchdarkly.com/events/bulk/ Frame 0
0 99ms
98ms Other
application/json 18.233.176.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5db0a6c71b0bf608a1d431e2

Protocol

HTTP/1.1

Server

18.233.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Origin: https://jh.staging-worklayer.com
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 30 Sep 2020 13:25:31 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=300

POST
H/1.1 202
Accepted 5db0a6c71b0bf608a1d431e2 Show response
events.launchdarkly.com/events/bulk/ 0
504 B 102ms
101ms XHR
application/json 18.233.176.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5db0a6c71b0bf608a1d431e2

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://jh.staging-worklayer.com/login
X-LaunchDarkly-Payload-ID: 69d2edc0-0320-11eb-a933-87c76a46d823
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 30 Sep 2020 13:25:31 GMT
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

POST
H2 201 i Show response
r.lr-ingest.io/ 109 B
947 B 289ms
263ms XHR
application/json 2606:4700:e0::ac40:6402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=snksec%2Fcustomer-portal-staging&r=4-e9dac57c-2c15-44a3-822d-22539146e20f&t=2737c2bf-f660-447a-b32f-11512bb90566&ir=f&ht=f&s=0

Requested by

Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

77f2937792b2ab29c3c863f1775f387e7cd722969e4331f2a3e8482c8ddf4b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:31 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
status: 201
content-length: 109
cf-request-id: 0580c997730000c2e0af8af200000001
server: cloudflare
etag: W/"6d-cxCbxObwDIZ94oBxpkzgY0+/jaY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601472332"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5dae4538b897c2e0-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret

POST
H2 200 i Show response
r.lr-ingest.io/ 0
313 B 235ms
235ms XHR
application/json 2606:4700:e0::ac40:6402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=snksec%2Fcustomer-portal-staging&r=4-e9dac57c-2c15-44a3-822d-22539146e20f&t=2737c2bf-f660-447a-b32f-11512bb90566&ir=t&ht=f&s=0&u=6364f049-ac7c-4dff-be72-22abf474f74c

Requested by

Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://jh.staging-worklayer.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 13:25:35 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
status: 200
content-length: 0
cf-request-id: 0580c9a4370000c2e0af973200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601472335"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5dae454d2b0ac2e0-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jh.staging-worklayer.com/	1970-01-19 12:52:38	Name: _lr_hb_-snksec%2Fcustomer-portal-staging Value: {%22heartbeat%22:1601472328588}
jh.staging-worklayer.com/	1970-01-19 12:52:38	Name: _lr_tabs_-snksec%2Fcustomer-portal-staging Value: {%22sessionID%22:0%2C%22recordingID%22:%224-e9dac57c-2c15-44a3-822d-22539146e20f%22%2C%22lastActivity%22:1601472328588}
jh.staging-worklayer.com/	1970-01-19 12:51:12	Name: _hjIncludedInPageviewSample Value: 1
.staging-worklayer.com/	1970-01-20 06:22:24	Name: _ga Value: GA1.2.149006580.1601472328
.staging-worklayer.com/	1970-01-19 12:52:38	Name: _gid Value: GA1.2.428112098.1601472328
.staging-worklayer.com/	1970-01-19 12:51:15	Name: AMP_TOKEN Value: %24NOT_FOUND
.staging-worklayer.com/	1970-01-19 21:36:48	Name: _hjid Value: 9c9cf416-23e4-4276-a539-f150942a1715
.staging-worklayer.com/	1970-01-19 15:00:48	Name: _gcl_au Value: 1.1.449074869.1601472328
.staging-worklayer.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
jh.staging-worklayer.com/	1969-12-31 23:59:59	Name: _lr_uf_-snksec Value: ad9d6a2c-f85b-4164-a3fb-91fa0fe8f1c3
.staging-worklayer.com/	1970-01-19 12:51:19	Name: oribi_session Value: 9df9ca22-4f09-a936-e86b-a7945c14f7cc
.staging-worklayer.com/	1970-01-19 12:51:14	Name: _hjAbsoluteSessionInProgress Value: 0
.staging-worklayer.com/	1970-01-19 21:36:48	Name: oribi_user_guid Value: d3112ab5-e1ba-6a30-04e1-afc033f66853
.staging-worklayer.com/	1970-01-19 13:14:36	Name: _uetvid Value: 75ba8ca22d2ac8029db34d7bd5afc4bc
taxfyle-staging.auth0.com/	1970-01-19 21:37:09	Name: did Value: s%3Av0%3A6878b4f0-0320-11eb-81ad-376b689614d6.LiBffs4S4eT7RfZcBNbabjXEabmc4kkOaySa%2BN9j5Dw
.staging-worklayer.com/	1970-01-19 12:51:12	Name: _gat_UA-65860030-1 Value: 1
.staging-worklayer.com/	1970-01-19 12:52:38	Name: _uetsid Value: fa90da058dbb7bc9cf7274080984b402

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js(Line 132) Message: "default export" is deprecated, please use "named LDClient export"
console-api	error	URL: https://storage.googleapis.com/taxfyle-assets-public/customer-portal/3.0.256-feature-DEV-3862/vendor.js(Line 99) Message: Error checking authentication: Error: Login required

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
api.segment.io
app.launchdarkly.com
assets.themuse.com
bat.bing.com
cdn.lr-ingest.io
cdn.oribi.io
cdn.polyfill.io
cdn.segment.com
checkout.stripe.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gw.oribi.io
in.hotjar.com
jh.staging-worklayer.com
maxcdn.bootstrapcdn.com
pi.pardot.com
px.ads.linkedin.com
r.lr-ingest.io
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
taxfyle-staging.auth0.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
143.204.99.83
147.75.102.13
147.75.33.131
147.75.80.95
151.101.112.176
151.101.194.217
172.217.16.194
18.232.28.189
18.233.176.127
2001:4de0:ac19::1:b:1b
2600:9000:21f3:c000:13:c079:7880:93a1
2606:4700::6810:c12e
2606:4700:e0::ac40:6402
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:817::200a
2a00:1450:4001:818::2003
2a00:1450:4001:819::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2010
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9d
2a02:26f0:10c:58e::25ea
2a04:4e42:3::621
2a05:f500:11:101::b93f:9005
34.240.31.203
35.222.6.218
52.41.92.51
54.189.150.4
54.213.165.90
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13296f316f035197ec46c570d08b211a6ed894ada34dc954990b6f5b29131d43
164ea4fc6e8eb4b2c2d8359b479697885c72190656124fc163c00917e37ac61d
3396d0ff81ac32ca4964252d8017897f06a0b8a0429774aac7a774494bb310d8
39695a90778db77f2535efc3cba2794a9930aeaef149ed83a444124b067ed290
42db0ec829b31c78e2fd81cffcc7f4a48787ce4364b47ab1715048e39fd4aed1
49c1c191416354506ac7fdfc0a72b4225219761c34e33f2c33a1f3be91b41699
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f86ff256a006e9e1d33f377306235cd5431a2d901bdd47abd150b6e7149afc6
58c37db242ff853108e1540675ace742a02dc9b7bfbd38c567ae7a97e6832a7f
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
661ef89dfeb4f2b803c3f66e515a52ad22e71321fc81dfb8f9ae36a15fc20f2d
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
77f2937792b2ab29c3c863f1775f387e7cd722969e4331f2a3e8482c8ddf4b0a
7b704847c980231dda8924a6f0f5e820e43a388400a3101292239e02ebdcf771
7e7eeb692a7dcfef1ad0f563e530ad4a3d9aaaf5f3a5cd7bdf825a3ba07b3db7
81d4a50e1751feb179b7ceaf6c5850f4481c07d44abff36192c27fbdff7d7232
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a4d3d6a473fd2f5d73cd6563520c136573b600d1423a3a5a718cd1393dae9f2d
a7f194c6eb560025d7cf42a2cb771976d2df2e692046ffe5b112fb8555ac2e52
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c727be3b5698d432f6d2ba6af4c7af21570c0f65df6704e03035eb950dce6590
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca741f3d1bfbb974cab26ce17768a4ba0a1ea56555e8de9f6f78c27fad0ae2b4
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ce2f21031c7967ee814084ad77a35ad2d51c51207c072d2d5a48c7957ccd3b2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e819a94846634dbdeb4b5c9b045eafc80f62549c246b2e44e8f498355ed63524
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f124a8528655147aa44cc0d9aa366705aa8fd737cbff8a0a725d4dbfc9ce52b4
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d
fa0ffa402ee54f725184a219da7a16c1e2dbda2e35786584a06cc695beef35ed
fae7e08e0d5cbe67ceaab52fbdd5aa574045c4c9557f5dac1237f5abb0c7a1a6
fb975e45de3945f42ecf04215d9f598ecbba3caa982cb353171cc96b6654ffba
feff09c32b088553672fd3b3438642df2feb5ab0f7ace6235a89b34acb35a5d2

jh.staging-worklayer.com Open in urlscan Pro 35.222.6.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

61 %IPv6

24 Domains

35 Subdomains

36 IPs

7 Countries

1663 kBTransfer

6744 kBSize

17 Cookies

0 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jh.staging-worklayer.com Open in urlscan Pro
35.222.6.218 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

61 %
IPv6

24
Domains

35
Subdomains

36
IPs

7
Countries

1663 kB
Transfer

6744 kB
Size

17
Cookies

66 HTTP transactions
0 data transactions