urlscan.io logo urlscan.io
SecurityTrails logo

www.hrandpayroll.com Open in urlscan Pro
2606:4700::6812:2ac  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Effective URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Submission: On July 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 87 HTTP transactions. The main IP is 2606:4700::6812:2ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hrandpayroll.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.
This is the only time www.hrandpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    107.181.162.98 (United States)

ASN46562 (PERFORMIVE, US)
PTR: cpeclubs1.srv1.senderexpert.com
www.cpeclubs1.srv1.senderexpert.com
10    2606:4700::6812:2ac (United States)

ASN13335 (CLOUDFLARENET, US)
www.hrandpayroll.com
37    99.86.1.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-13.fra6.r.cloudfront.net
d36ai2hkxl16us.cloudfront.net
8    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
3    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
js.stripe.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2600:9000:206f:5a00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2600:9000:2057:2a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    3.248.86.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-86-207.eu-west-1.compute.amazonaws.com
d.adroll.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.25.10.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-10-74.us-west-2.compute.amazonaws.com
m.stripe.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    143.204.215.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-27.fra53.r.cloudfront.net
qisfh7zwi8.execute-api.us-east-1.amazonaws.com
1    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
embed-ssl.wistia.com
2    2.21.20.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-143.deploy.static.akamaitechnologies.com
embedwistia-a.akamaihd.net
1    54.225.146.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-146-152.compute-1.amazonaws.com
distillery.wistia.com
Apex Domain
Subdomains		 Transfer
37 cloudfront.net
d36ai2hkxl16us.cloudfront.net
1 MB
10 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 5592
embed-ssl.wistia.com — Cisco Umbrella Rank: 9889
distillery.wistia.com — Cisco Umbrella Rank: 8132
349 KB
10 hrandpayroll.com
www.hrandpayroll.com
26 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2072
q.stripe.com — Cisco Umbrella Rank: 15477
m.stripe.com — Cisco Umbrella Rank: 1734
81 KB
6 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2518
d.adroll.com — Cisco Umbrella Rank: 1676
78 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
4 KB
3 gstatic.com
fonts.gstatic.com
76 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
21 KB
2 akamaihd.net
embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 17631
778 KB
2 amazonaws.com
qisfh7zwi8.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 117804
778 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2241
16 KB
2 senderexpert.com
www.cpeclubs1.srv1.senderexpert.com
734 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
443 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
89 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
1 KB
87 15
Domain Requested by
37 d36ai2hkxl16us.cloudfront.net www.hrandpayroll.com
d36ai2hkxl16us.cloudfront.net
10 www.hrandpayroll.com 1 redirects www.cpeclubs1.srv1.senderexpert.com
www.hrandpayroll.com
d36ai2hkxl16us.cloudfront.net
8 fast.wistia.com www.hrandpayroll.com
fast.wistia.com
5 s.adroll.com 1 redirects www.hrandpayroll.com
s.adroll.com
3 www.facebook.com connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 q.stripe.com www.cpeclubs1.srv1.senderexpert.com
3 www.google-analytics.com www.hrandpayroll.com
www.google-analytics.com
3 js.stripe.com www.hrandpayroll.com
js.stripe.com
2 embedwistia-a.akamaihd.net fast.wistia.com
2 qisfh7zwi8.execute-api.us-east-1.amazonaws.com d36ai2hkxl16us.cloudfront.net
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.cpeclubs1.srv1.senderexpert.com 1 redirects
1 distillery.wistia.com fast.wistia.com
1 embed-ssl.wistia.com
1 m.stripe.com m.stripe.network
1 stats.g.doubleclick.net www.google-analytics.com
1 d.adroll.com s.adroll.com
1 connect.facebook.net www.hrandpayroll.com
1 fonts.googleapis.com www.hrandpayroll.com
87 20
Subject Issuer Validity Valid
cpeclubs1.srv1.senderexpert.com
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh
www.hrandpayroll.com
Cloudflare Inc ECC CA-3		 2022-03-31 -
2023-03-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-28 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
s.adroll.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2022-10-19		 3 months crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2022-01-06 -
2023-02-04		 a year crt.sh
embed-ssl.wistia.com
R3		 2022-05-21 -
2022-08-19		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.wistia.com
Amazon		 2022-03-02 -
2023-03-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Frame ID: 65E678F81AEB03259865481E48141566
Requests: 75 HTTP requests in this frame

Frame: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Frame ID: 82107745803209BF84D78B6742DFB5E5
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
Frame ID: 9F4BDAD3195E81ED69A2A2C64DE5A8ED
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 58C3EC6AA47A3028B15995969FEBB19A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

An Employer’s Guide to Multi-State Employment Tax Issues - HR and Payroll Academy

Page URL History Show full URLs

  1. http://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html HTTP 301
    https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html Page URL
  2. https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues?utm_source=M... HTTP 301
    https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

87
Requests

99 %
HTTPS

50 %
IPv6

15
Domains

20
Subdomains

21
IPs

4
Countries

2592 kB
Transfer

8729 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html HTTP 301
    https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html Page URL
  2. https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues?utm_source=MaxMail_071222&utm_medium=email&utm_content=MSE HTTP 301
    https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html HTTP 301
  • https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Request Chain 48
  • https://s.adroll.com/j/exp/QMAWFZCIVFCUTEXCXINWCM/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
6e9q417.html
www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/
Redirect Chain
  • http://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
  • https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
247 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.181.162.98 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
cpeclubs1.srv1.senderexpert.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
247
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Jul 2022 19:14:02 GMT
Keep-Alive
timeout=5, max=100
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
285
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 19 Jul 2022 19:14:01 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Server
Apache
Primary Request an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
www.hrandpayroll.com/courses/
Redirect Chain
  • https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues?utm_source=MaxMail_071222&utm_medium=email&utm_content=MSE
  • https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
62 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Requested by
Host: www.cpeclubs1.srv1.senderexpert.com
URL: https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2deac148b924c5083224e7c2ba6a53250c2b2db13f4992593a42a1df13e4b2e0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72d5c72e1c7b92b9-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
date
Tue, 19 Jul 2022 19:14:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nonce
t305ryrv9tejlavxjtyfean9
server
cloudflare
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
72d5c72acf1c92b9-FRA
content-type
text/html; charset=utf-8
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
date
Tue, 19 Jul 2022 19:14:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
wo2z3c8a8b1m06s5ofz2d0sc
server
cloudflare
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block
6800-51627c447a22c37755a7.css
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		717 KB
116 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-51627c447a22c37755a7.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a56b4ce1ea704f194ee4ff14784c9eb78a621b937a9fb2d7228b29d633947986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 20:32:43 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 20:21:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:a99a33d2996f0d2700cd0c9a005efdb2
age
600083
etag
W/"a99a33d2996f0d2700cd0c9a005efdb2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ivimD6VUzSL5-lK57ZPbuUC9qVyQDnwYbVjSC_u7EbK7p1d-Hp_Q7g==
1412-6298661bc1aebf198616.css
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-6298661bc1aebf198616.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe5d71da6ba913aa3a64ce3cae7f9ee611c2eb63b0addfb4433d9629b9d36bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:25:36 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 15:18:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7bc750e6ef3eab4677f22aa77b695a93
age
24510
etag
W/"7bc750e6ef3eab4677f22aa77b695a93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
AMRIYuxaFHJSzVJmJ9T_LdzEgr0lKkJ7SvSrKuS1SzCEfCE1CennwA==
7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--787fec0016--v2.css
www.hrandpayroll.com/appearance/company/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--787fec0016--v2.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab234adc92ea337872db6e6d549047dfddddf61dba9e7f0730c16c0fe48c79fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
xmdqie9unhttqwxs6irhouj8
age
31711
csrftoken
XIL9fZ49-dI2du6XbE_833bPU9yYZfktopy0
cf-cache-status
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 19 Jul 2022 10:25:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72d5c72f3e3392b9-FRA
expires
Wed, 19 Jul 2023 19:14:05 GMT
vendor.gulp.bundle.77916b16.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		1 MB
297 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
155b4a07ae94dcdb24b5005d9a619928bb8e6ba15f69df4f7a4b824cfec25ac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 03:50:20 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 17:32:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:77916b168ef0d5a13834a07897a7c5ba
age
2993026
etag
W/"77916b168ef0d5a13834a07897a7c5ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
jwI6AFuKJpqpiSGnZBVeSJzDNGprOip1LPasbLkYQnWBLgdzrHTQLA==
E-v1.js
fast.wistia.com/assets/external/ 		624 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98f89d4b3d44aaf5829e7adb779f18a60ff068260e1a3593686892d1d66fbb34
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:05 GMT
content-encoding
br
vary
Accept-Encoding
age
1598
x-cache
HIT, HIT
content-length
115822
x-served-by
cache-iad-kjyo7100070-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
x-browser-version
103
last-modified
Mon, 18 Jul 2022 18:11:29 GMT
x-timer
S1658258045.355556,VS0,VE0
etag
"62d5a251-1c46e"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 387
/
js.stripe.com/v3/ 		319 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ee72ec2aeaf4009aafbdd583f50b0b12919156aba4b5935a4574b2841c545bdb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
46
x-cache
Hit from cloudfront
date
Tue, 19 Jul 2022 19:13:20 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:23:54 GMT
server
Cloudfront
etag
W/"3781334316fbc9452884ce0c9afad8b5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
Lnv2b1xs1hbK4ofF4XEr-Pqig7SYDuq74M8UF52v3QZBtVvDwTIEDw==
8923-3ebb3b4d8fa406b59ef3.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		352 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8923-3ebb3b4d8fa406b59ef3.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbcb897448de5507a87b61a1516b4fcdc3a0bbc401fd5c1316cde087f148462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 18:34:25 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 14:31:05 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:4749a824373cd64cd40a21bf846038be
age
1211981
etag
W/"4749a824373cd64cd40a21bf846038be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
HnnX64J4a_5hGCYmjw1MiHQMLX8PKyF6OOgfcDLLTx0kNPaZzoSteQ==
1412-df73cdfcd48d6b9e8bd4.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		102 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-df73cdfcd48d6b9e8bd4.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b24b5d0312cc95f04b1c6175d126943adc16bfee3584ea11026193a7504e713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 05:42:00 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 17:52:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:dbf1d68f372ebb4fcf7a4e14e55ac43a
age
3418326
etag
"dbf1d68f372ebb4fcf7a4e14e55ac43a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
102
x-amz-cf-id
646xdW4Gv9MfgOdHR4OQek_OcrMjbY_glE4IDU_fwHnXPhhjsjLzrw==
6800-86283bce0169430f3b05.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		354 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-86283bce0169430f3b05.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef80e5a7692e225b3e4386957e881726d995d187c1c5d9a6ad6e1455aa720098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:25:36 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 14:37:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f9837f4c758d51bd2d1703fc20f6f16f
age
24510
etag
W/"f9837f4c758d51bd2d1703fc20f6f16f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
qYilVFXO1Wg3lCHFVn8qUALwenBPgReI92S3_Mw4PFU69lBptC1HZg==
app-f3479487bab9ffa525d1.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f214ca51f9a1502fa787f6e0c3599ed528116adf6daed3499a45ebe43b8ff3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:25:36 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 17:37:46 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:d8d42d954bf190a5ec15c15ab6b47799
age
24510
etag
W/"d8d42d954bf190a5ec15c15ab6b47799"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ggiOADTXPwYMAvs2nmy08y-wOv0ccdWYUUfqwhHqUVVPTD9pO3b1lg==
ti-embed.production.umd.js
d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ti-embed.production.umd.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61e097c1bd5e9160581b703b01d5f890ccea5fffce2582eeb09e09be685b2bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 25 May 2022 21:04:00 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 14:59:05 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:704431fb2cffec2ede920d03a73cef2f
age
4745406
etag
W/"704431fb2cffec2ede920d03a73cef2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
lgF-ARqJR6-pWOPoIoEfrdAKiRxLiScIS_Q0TKoYI6uPQxO7cJRhtA==
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Inter:300,400,500,600
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--787fec0016--v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
474e9e03a780582e116b08150451e2fbf0f416d6eb2a2a2b15a352c481d978c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 19:14:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 19:14:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Jul 2022 19:14:05 GMT
zazd71fdlwwp9ucucoac.jpg
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/zazd71fdlwwp9ucucoac.jpg
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--787fec0016--v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
Cloudinary /
Resource Hash
446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 17 May 2022 05:00:47 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5494398
x-cache
Hit from cloudfront
content-length
44049
last-modified
Mon, 10 Jul 2017 15:43:33 GMT
server
Cloudinary
etag
"2777382f5229810b5d5f660b94b47485"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
y50Q9fSMPSH_JBhEUbC4qnHCj_O4UomKtBKvGq1UQ0r-4Off-ozPWw==
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		308 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70f8b9ef21f8d505e1f65f014487eff0fb89d2587c693cfd3768b913e616f7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ko563qJwSvaZJhdtonPbow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Jul 2022 19:31:51 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89890
x-fb-rlafr
0
x-fb-debug
qp6uGXMyXYNisjoGpJUajL4uFo0Q9/WtA17+jhT6bIII2a+4YhjV4tKk0uJlkGnWJqLcQAfdIfESDsF5i+3BmA==
x-fb-trip-id
686109401
x-fb-content-md5
f966f697a9c011b916a54e06b5213a71
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 19:14:05 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"044cea692db3bd4789e9050b0a95cc29"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
725
date
Tue, 19 Jul 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 19 Jul 2022 21:02:00 GMT
widget-89fc846a.html
d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ Frame 8210 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ti-embed.production.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
277c0920764518413acb9540e42586a79c5e31e4a2a3fe54ad835b49d4990450

Request headers

Referer
https://www.hrandpayroll.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3842997
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 05 Jun 2022 07:44:09 GMT
etag
W/"89fc846a71761e7294bf3e29be8def2b"
last-modified
Tue, 20 Jul 2021 12:29:19 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-id
H66b4ZwLMHSImHpZv0q0DWCLKGTC9u6gBPed-860tw-4T9eZiJcHxQ==
x-amz-cf-pop
FRA6-C1
x-amz-meta-s3cmd-attrs
md5:89fc846a71761e7294bf3e29be8def2b
x-cache
Hit from cloudfront
roundtrip.js
s.adroll.com/j/QMAWFZCIVFCUTEXCXINWCM/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/QMAWFZCIVFCUTEXCXINWCM/roundtrip.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69bbf450ff20e3ea364fdd147dee2326c93e59bdfb9c6aa3f71fc4cbfac6e52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id
VQ6vIaQY90ysMD0fX6IZsNG4gk2SIWB7
Content-Encoding
gzip
Etag
W/"f65b2c0df7c68ba332497b0bc2fe1b89"
Age
411
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Jul 2022 03:11:42 GMT
Server
AmazonS3
Date
Tue, 19 Jul 2022 19:07:15 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
M4fzHRJDgED3jrj73kZsYGzw2epUFprUGfAsr3q3iETxhSuL8EQMzA==
m-outer-b264dce0f6b368bd152098cad6b3c755.html
js.stripe.com/v3/ Frame 9F4B 		240 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d5f0a30a2c5379450755929935a74d46cae420e9310098e66e6755e655b03ba5
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1162
cache-control
max-age=31536000
content-length
240
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 19 Jul 2022 18:54:51 GMT
etag
"b264dce0f6b368bd152098cad6b3c755"
last-modified
Tue, 19 Jul 2022 17:52:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-id
eZpdrO-MTFCN0mI6VA3Kp34y4vZ5aVSjO44QvuASmXsM0aRS_8H9Kg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
5815-ffa3b58b63b7be037c8c.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/5815-ffa3b58b63b7be037c8c.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21c84abf8d30b7bfb1e6e6019b517278a1f63f16da0f5d7aa0a9c6d0da29c8f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:56 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 13:29:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f85024b47c1cb64779f741a5a684039e
age
3541810
etag
W/"f85024b47c1cb64779f741a5a684039e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
GFNXwcUG1KvxbLCZxcKz5Cp7KH2Elvo5ePzuWr3EQZJPQdbSYjm-Sw==
1372-03605f004d9c8472010f.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1372-03605f004d9c8472010f.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e825048139cae8b7a54967ca69fc00a3de08745ffe105d5b4f1bca2dd0bc8071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:56 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:13:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6f82ea9e2e26ab501470276c200c0180
age
3541810
etag
W/"6f82ea9e2e26ab501470276c200c0180"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
8L_D9mejBxgUWNrpcK5jyAf15efcV3iBMQ_f5UgS8hq6re3mjzITuw==
1193-e91163b0c6e6b5167a37.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1193-e91163b0c6e6b5167a37.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
236bf587c39454ce8e742d33a310dafc7addf3772a457213df1b89abaa81071a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 15:01:18 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:033a096902e42a84f43c83ef3206daf4
age
3541810
etag
W/"033a096902e42a84f43c83ef3206daf4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Mn57qEWTQHHy7qDlBftK44RahcHneu_-I9XV1lC6Y7101n31jFUJhA==
8893-f5fba3d1eaabeea8fef6.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8893-f5fba3d1eaabeea8fef6.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0f9b791cc7cfa7843c8bf6ee43177038d8359348df9946d262449a47f4c6caa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 00:38:38 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:696819444087e38455744b5b991d49b7
age
3522928
etag
W/"696819444087e38455744b5b991d49b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
mlGRE0LdPmOA9HkvN-R6x2qYSDO-rlkDCZSOdByOFFGqy01BJ6wV5A==
2603-5cca79099441a52dfb39.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2603-5cca79099441a52dfb39.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb45b8c6611a5d9626c3f8107533e9efed7bf7e4ffca5eb592e9592279879564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:57 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:21 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:2ffbb11d337ac9a3337a6f0aee345f53
age
3541809
etag
W/"2ffbb11d337ac9a3337a6f0aee345f53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ZEs0hd7aEtJt174kTzwF1NmCjuBlShLkkcXOj7vjQkNnxjjvQPLQCg==
800-514352c8138736f36966.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/800-514352c8138736f36966.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f3f8bdf93d54564a383931a487d330f0d41f4ad0894dc1d4517b0c47b9a62fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 22:00:04 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 16:52:33 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:8bdd11f8022e501b49180b48ca0a2459
age
422042
etag
W/"8bdd11f8022e501b49180b48ca0a2459"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
VtJB81gDHewKT6oXCilasOG131P5gLJf0lX3_Fr3lh-XgO5sGxC9rA==
729-e2523d398b51faa4a9ff.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		29 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/729-e2523d398b51faa4a9ff.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8367edfc920ec8f288c7739102b0e3a0046de822dbde230b44e3203db50580ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 01:13:20 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 22:30:32 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:29c823814cd7fad9c9ff6733b2c87acf
age
1533646
etag
W/"29c823814cd7fad9c9ff6733b2c87acf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
O7X9Xh0hOrefE0vfbJulpxFo4KFRtaLJzSSiGWH0Csz-GLQw1ArrDQ==
8282-9558a10c80906b9d27e4.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		89 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8282-9558a10c80906b9d27e4.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2822743c90b9c8e54732ba7e89ed95ebccd906b079d4628bac55b05261c61471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:17:10 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 20:40:30 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:68c542f75a95ed556ab1efe0322971b2
age
1976216
etag
W/"68c542f75a95ed556ab1efe0322971b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
vzSgGMWqLOFQLsUttyE3n6E1xcv8Zdnu7XT0DfQmsdE0SzesXt9zXQ==
4017-e455bbc0306c50b01863.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4017-e455bbc0306c50b01863.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec296183ce6cf33a4a18bd53c3d7813799bf1119cfe641b78bc43589315fe256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:41:55 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 20:58:46 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:77ad2778cb8bf27380cf00766c148288
age
1423931
etag
W/"77ad2778cb8bf27380cf00766c148288"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
XaU1gWu6ynf7SuKfdT3Hki_yo5woK2h8iuuy9LuB2Dw2HKoKsG2dpg==
3889-f510b1d3654d742d840e.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		158 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/3889-f510b1d3654d742d840e.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23dfc8c09181898488ea85e9b4b9994b2f0a16ee038fa1daff11dbe99794b863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 00:38:38 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 21:07:46 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:8d040a9e829ddf7d9705ca74175fd608
age
3522928
etag
W/"8d040a9e829ddf7d9705ca74175fd608"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nm1GdqAdUaM5rqBHB_AXI331sVwL0Jm_81nDnj3YN-IcpzLkRCHIIQ==
6263-12b4c725b8f95970568b.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		104 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6263-12b4c725b8f95970568b.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ed977391dabf7fff63c13cba0156ddc26dc833c78463bfdaff3d579b2f256cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:58 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 17:06:42 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:97f7b4ed2439a5db131e3de74a892a1e
age
3541808
etag
W/"97f7b4ed2439a5db131e3de74a892a1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
G2o2vWnR4DEKyaqPf8bDYBIMcp4CLP8zvRQiyEsvJv0TYxY9E15DcA==
1798-6b84fc8ed45c904208a7.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1798-6b84fc8ed45c904208a7.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
565273e0db80a9ea1ca91be34562443e5765aa02085983c8cf3d4a4bb29b0305

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:18:22 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 17:22:25 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:abb2c51d38af97beada6978628baf288
age
3455744
etag
W/"abb2c51d38af97beada6978628baf288"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
GojHQNcbElyi6jDCW8hEcbsQwUcB6wgci2URMfvg5KV_FMOdmmh8lw==
7750-e365108e5c3825c128fb.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		84 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/7750-e365108e5c3825c128fb.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbfb88be631e7b15d1d9ff9365a26981355886ede5cbdd5200cdeac8d063d2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 09:15:59 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:46 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7c2450f6e564de15f091d44717759dc5
age
3405486
etag
W/"7c2450f6e564de15f091d44717759dc5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ohWsC2PVxZ7JJGbRy6JFDtb-MfRCOhbTcvSNFQpGeHauVTRANqCIiQ==
8955-01e3e4367e91cffb56cd.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		50 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8955-01e3e4367e91cffb56cd.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3986b6b8520f7271dd0518c630b6a205d9f7d17194f80059da359a1078a9f95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:23:58 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:36a87bccda0ac71e75686e6ce628f2af
age
3541808
etag
W/"36a87bccda0ac71e75686e6ce628f2af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
L4x1BXtQXB6h-TyaAOjyJsX8LyA5GiMVYKPiVmdtWOm3gd_mOyzcuA==
4097-af21a64864d1e25ada20.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		80 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4097-af21a64864d1e25ada20.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94b3c16ca061d154bc8cb38bddc8f921ee2bb09243d83d713e49f82ce6c48de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 04:59:38 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:13:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:688463d8ec816f022b92c93153639760
age
656068
etag
W/"688463d8ec816f022b92c93153639760"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
d3w8ARZ1eS8XbXq27czFSV0UdTljyMH-MjSBLv9JqiKLlZ5osV5ecw==
1988-3339eb3080262ed408ea.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		2 MB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1988-3339eb3080262ed408ea.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d63bdf4cc27fcda10d211b40754e2d92d0d402d85f9c87d5fc93d8117047795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:52:30 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 17:07:41 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:39bb31924a03272e467a55e4686d2029
age
688895
etag
W/"39bb31924a03272e467a55e4686d2029"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
A_i6PB64FkeBMQXf3RtL70QUxsgmPRUFTdTxAT8ALA6yEAQ71-QBug==
2345-64635b3f085888711878.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2345-64635b3f085888711878.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f72867d2c2e2298c5069864944d4cb075130aa365b8f3b64f76d086ac1814d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:24:14 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:20 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:efdf4fed70adbe50392a3dedcdc0e8de
age
3541792
etag
W/"efdf4fed70adbe50392a3dedcdc0e8de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
4BxkkV7NnFTuok4XQgI62f2yXOXToNkratIwtunbbg4Uhc0rjNTUyg==
9564-6decf21673d7117024dc.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		47 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/9564-6decf21673d7117024dc.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
749b3b758612be39b9778f6e4c4d83f118af4b98d7270491c90a62b03ee5acc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 18:24:51 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 20:09:52 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:00a3044be30bef4174de1ea80aefafb0
age
1817355
etag
W/"00a3044be30bef4174de1ea80aefafb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
q5yT_sPdxjn9nvqAsz4VOYH6JBVWoFNfcWVS01yOceIDp6GcWw8j4g==
2178-565d2e70d728626c2858.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		43 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2178-565d2e70d728626c2858.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a12ba73e4d905fccee9b43c611830bb08ef381bd502d4b85937b1b4a7ece99af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 22:00:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 16:52:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7c3103cf31952134cabcaa126e8eae11
age
422035
etag
W/"7c3103cf31952134cabcaa126e8eae11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
m9T6zWvoJ-yQKb3hBN-Z_Timi1SnXspuT9JZWo8IL4bTheqV5nnDXQ==
7291-07e8b2af60408b826dc4.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/7291-07e8b2af60408b826dc4.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
902591f0113e29d03ca9445094e884f8eb3c88d38ec7c40db470b7c615ff047d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 05:55:54 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 21:58:44 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:c864c061329f21b06749dc1c759d56d0
age
1948692
etag
W/"c864c061329f21b06749dc1c759d56d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
gse8xMSXMuYUuC2gZdKrEPIvxwFy9uEQvanZR3u39oanMQFCPMErpA==
2775-10a8a23c781973983b93.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2775-10a8a23c781973983b93.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dcd31c74b47139425ad335c9f96c66f6d1f444778bdb3819b9cc6eee59d3431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 06:07:43 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 22:06:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:cf40cbcaed50510427b8b3da4969896f
age
2034383
etag
W/"cf40cbcaed50510427b8b3da4969896f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
AGakNVc3wGQ2tXL2L5VmmS7GowU8e2U9_uPrRibzMC7NX8f3KCffoA==
4935-ea1685c3bcb4d10d80e4.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4935-ea1685c3bcb4d10d80e4.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-f3479487bab9ffa525d1.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcd1111104a8775eda44821f9ddc57f223b473bc0c0ed5f9683610c037f64087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 06:33:13 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 21:07:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e958526318de4bb014472b885bc3a071
age
3328853
etag
W/"e958526318de4bb014472b885bc3a071"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
bDGkJ-voGQmcr4yFJJvGOScPqf3KBVcEjTwp5WC0H7MtWhEzkT7BUA==
csp-report
q.stripe.com/ Frame 9F4B 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.cpeclubs1.srv1.senderexpert.com
URL: https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9F4B 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.cpeclubs1.srv1.senderexpert.com
URL: https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
widget.b3de7138.js
d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/ Frame 8210 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/widget.b3de7138.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39688d364d029dfe2019edc20068a4c558fcf02fcc63b52fd95fe69cd2fa347b

Request headers

Referer
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Origin
https://d36ai2hkxl16us.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 30 May 2022 00:26:30 GMT
content-encoding
gzip
age
4387656
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 20 Jul 2021 12:29:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:8498f419dd38cb514332e6b6eb015b19
etag
W/"8498f419dd38cb514332e6b6eb015b19"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
SmNjZFkndZ8sBQw17pKyEZa0eqm-6uLcUshrJZCnCu2kTpr7-5W5Ug==
vendor.25768e58.js
d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/ Frame 8210 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/vendor.25768e58.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
584e2aaf6eab0a0bf6051e3e5932d66a7b53c9eb7446a4e315dfdfbd24b373ff

Request headers

Referer
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Origin
https://d36ai2hkxl16us.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 03:01:56 GMT
content-encoding
gzip
age
490330
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 07 Jun 2021 15:12:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:d14f87105417f771c2b36a651b8b3a44
etag
W/"d14f87105417f771c2b36a651b8b3a44"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
yMNmE6tRfcdlhSqCc2OoSJw8dHKFQrOV4eA6dVVK98zzZBPgqxH6NQ==
widget.6ce431fa.css
d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/ Frame 8210 		1 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/assets/widget.6ce431fa.css
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
add5b52a045d79f41e18bab7b356873d8ee7f5c9f9792b7288773e0e60121d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/widget-89fc846a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 01:16:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 12:29:18 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e2c016d0dbfb0bc2b8cf95d0fbccfb37
age
3175047
etag
W/"e2c016d0dbfb0bc2b8cf95d0fbccfb37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cmdO2MQMXDT4a0RoVgCmlQdeNEYlUbzZx_JunhVADfu_F4zWosSAMA==
m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js
js.stripe.com/v3/fingerprinted/js/ Frame 9F4B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
14
x-cache
Hit from cloudfront
date
Tue, 19 Jul 2022 19:13:54 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 17:52:47 GMT
server
Cloudfront
etag
W/"77711798ecf99b8bb8207cf88a10d73c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
ZhTxJ43cYyAWrEcunWiviO8PZoacNgRZZ-r_4TlxDUkkcDeKaA2Kgg==
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Jul 2022 20:02:39 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/QMAWFZCIVFCUTEXCXINWCM/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
HTTP/1.1
Server
2600:9000:206f:5a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id
BTP2rshxaRFWPNdrItPYEau9DI6Y8oce
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
38038
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
28
Last-Modified
Wed, 06 Jul 2022 18:15:57 GMT
Server
AmazonS3
Date
Tue, 19 Jul 2022 08:40:12 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
kGKjZf4jWr8hAg28fd4gFEHKW9zCD_VSL1GU8tN0ss3uZDzmlzMV5Q==

Redirect headers

Date
Tue, 19 Jul 2022 04:00:26 GMT
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Age
54818
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
R6VioznD-LDV9WcHGrqptgm-W6ZtW3ZZOJtUUnsjIDy8bLuzVI_y2A==
inner.html
m.stripe.network/ Frame 58C3 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
298
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 19 Jul 2022 19:09:08 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id
y9pZmJ4v6rhuV9r7xScSjnz6bmXujiUI5kQUj1PPUdNtC9qfS9dDSA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 58C3 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.cpeclubs1.srv1.senderexpert.com
URL: https://www.cpeclubs1.srv1.senderexpert.com/21ao22e/4d28v2bej24d/6e9q417.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 19:14:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
QMAWFZCIVFCUTEXCXINWCM
d.adroll.com/consent/check/ 		439 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/QMAWFZCIVFCUTEXCXINWCM?arrfrr=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&_s=5e3c082c954e126816f347618bd8d385&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QMAWFZCIVFCUTEXCXINWCM/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.86.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-86-207.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
5467dce65d5fa7030dadbad5cbfb6dff1b43e334a49cdaa6fcc3466f15e12349

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
server
nginx/1.20.0
content-length
439
content-type
application/javascript
cart
www.hrandpayroll.com/orders/ 		37 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/orders/cart
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
t305ryrv9tejlavxjtyfean9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
content-length
37
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
72d5c7348efa92b9-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
7f70b6a0-3ce8-4775-bc3e-c5befada0e1b
www.hrandpayroll.com/learn/appearanceBlocks/ 		741 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/learn/appearanceBlocks/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8303421758d9720b4552cc702e378b97cca347f16236cf46bdbfb43e4a420ec
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
t305ryrv9tejlavxjtyfean9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
146wti62g8u497itlqdotn46
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c7348f0292b9-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
a61ba6d5-8e84-458c-99d4-390ccdc78b46
www.hrandpayroll.com/learn/micrositeFooterBlocks/ 		320 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/learn/micrositeFooterBlocks/a61ba6d5-8e84-458c-99d4-390ccdc78b46
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
t305ryrv9tejlavxjtyfean9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
yaufal81z0hr44zwgpp2zr19
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c7349f0892b9-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
288d778f-8c4f-42fe-8342-9ed9842f2da8
www.hrandpayroll.com/learn/micrositeHeaderBlocks/ 		704 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/learn/micrositeHeaderBlocks/288d778f-8c4f-42fe-8342-9ed9842f2da8?
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e1e90c593f98d206628d3a7b392177ec249e422877abb7157834ad4c9a599e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
t305ryrv9tejlavxjtyfean9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
b18wada42ykrfyq1w0dinyw3
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c7349f0b92b9-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
keep_alive
www.hrandpayroll.com/learn/ 		22 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/learn/keep_alive
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
t305ryrv9tejlavxjtyfean9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
x-content-type-options
nosniff
nonce
ybr4kyijsqh94suu1g5x5f26
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c734bf5692b9-FRA
vary
Accept-Encoding
content-length
22
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-186820055-1&cid=81111248.1658258046&jid=2144747107&gjid=1668491865&_gid=1624995734.1658258046&_u=KGBAgEIRAAAAAE~&z=711861869
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 19:14:06 GMT
content-type
text/plain
access-control-allow-origin
https://www.hrandpayroll.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1773436187&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&dr=https%3A%2F%2Fwww.cpeclubs1.srv1.senderexpert.com%2F&dp=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&ul=en-us&de=UTF-8&dt=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIR~&jid=2144747107&gjid=1668491865&cid=81111248.1658258046&tid=UA-186820055-1&_gid=1624995734.1658258046&z=92640740
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 03:50:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55401
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v28/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Inter:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:16 GMT
x-content-type-options
nosniff
age
548750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30896
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:46:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 10:48:16 GMT
out-4.5.42.js
m.stripe.network/ Frame 58C3 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
81
date
Tue, 19 Jul 2022 19:12:52 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
DmNNk_5WGehfZRD4RBQVjwOjS_pMNglcQqBgwDusIQMTGUERxczNyg==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame 58C3 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.10.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-10-74.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3087994f47c66723d65700afaafa03ce74e34498cff8aee4de4fedaa6beba3e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
consent_tcfv2.js
s.adroll.com/j/ 		410 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QMAWFZCIVFCUTEXCXINWCM/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id
44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding
gzip
Etag
W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age
169
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 May 2022 19:41:48 GMT
Server
AmazonS3
Date
Tue, 19 Jul 2022 19:12:22 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
xopQyMU6By_ewZV30KWDCAnQevC3vcW2AguXxbnmPXGsC5T4vUFnDQ==
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
72970
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Tue, 19 Jul 2022 01:23:34 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
uJmQErkN4XMVlDzknb_wamleZRIp3yES1WO_LapqQJz7Z5YZY0wFSw==
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2202d21746359c%26domain%3Dwww.hrandpayroll.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hrandpayroll.com%252Ff26ba9637aed204%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=83dc40c0-a4ad-4fa4-89a3-e5bd7ef267be&page_id=102735085197227&request_time=1658258046449&sdk=joey&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hrandpayroll.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
puIPiKf9YauzvdKqEySst4ygZJE+h+arwxdFy2eLEQ54SyymfrdBwX69bXh9zEZoLw6HQ9j7atFDvMq2KqA3WA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 19:14:06 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.hrandpayroll.com
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2202d21746359c%26domain%3Dwww.hrandpayroll.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hrandpayroll.com%252Ff26ba9637aed204%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&is_loaded_by_facade=true&locale=en_US&log_id=83dc40c0-a4ad-4fa4-89a3-e5bd7ef267be&page_id=102735085197227&request_time=1658258046449&sdk=joey&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hrandpayroll.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
Gz7bkqi7/JIsnxu60qhBt1PboPoLQHLvoiUG4BleOVliqAysWVzDf5Mpt7jvsPoOD/+mHJvjTrtPBu1Omub9tQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 19:14:06 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hrandpayroll.com
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2202d21746359c%26domain%3Dwww.hrandpayroll.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hrandpayroll.com%252Ff26ba9637aed204%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fan-employers-guide-to-multi-state-employment-tax-issues-rec-2022&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=118&locale=en_US&log_id=83dc40c0-a4ad-4fa4-89a3-e5bd7ef267be&page_id=102735085197227&request_time=1658258046567&sdk=joey&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hrandpayroll.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2zcersduwvHt8YSsMT99/Athh9xQjkTe5u5YDYrSybgg+PVbabbqVzPM5yOYOkhG1p3j8k1XJijfhkL/ObdaIA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 19:14:06 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.hrandpayroll.com
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5llxd77gvkzi-HRPayrollLogoFINAL_pngfilecopy.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/5llxd77gvkzi-HRPayrollLogoFINAL_pngfilecopy.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9d5cbdf75290ae029f8a68d1200a897133c3ea59884eb331d919b47978d8b1b8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 14:10:01 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2869445
x-cache
Hit from cloudfront
content-length
13847
last-modified
Sun, 06 Feb 2022 07:54:27 GMT
server
Cloudinary
etag
"ed74dadab5b6ce8f9720a8af8b812c90"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
3OCmFV245mLXfEwt_Mq3BEqrS1y2nyimdMPWLVy61GwyYlLihYMFpA==
graphql
www.hrandpayroll.com/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/graphql
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8923-3ebb3b4d8fa406b59ef3.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa45c1b62bcfe83949cc25386c6d54a4d1c92b97bb411fe2a0466dce6c267e64
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
b18wada42ykrfyq1w0dinyw3
authToken
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
miczjd5s698aicbpxem67bx1
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c737ccfd92b9-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
views
qisfh7zwi8.execute-api.us-east-1.amazonaws.com/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://qisfh7zwi8.execute-api.us-east-1.amazonaws.com/latest/views
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,nonce
Access-Control-Request-Method
POST
Origin
https://www.hrandpayroll.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
0
content-length
0
content-type
application/json
date
Tue, 19 Jul 2022 19:14:07 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-apigw-id
Vh1T5Gn6oAMFV6g=
x-amz-cf-id
3cCPEeZlHq8-iV-nzE3okDqReJKDXd5tmmX8VUx9lPWXwK5SyHItoA==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
c9c36abc-e4d6-4c59-a41d-4814bc00e405
x-amzn-trace-id
Root=1-62d7027f-305180833ce85051558e9a2a;Sampled=0
x-cache
Miss from cloudfront
views
qisfh7zwi8.execute-api.us-east-1.amazonaws.com/latest/ 		224 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qisfh7zwi8.execute-api.us-east-1.amazonaws.com/latest/views
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.77916b16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
/
Resource Hash
1f75c37f259a7eef3e17051710a35430acf75f90a9b1ddc30ba2f630f77120bc

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/
nonce
b18wada42ykrfyq1w0dinyw3
accept-language
de-DE,de;q=0.9
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
authToken

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
2e2cd42d-855e-4d35-9874-742956faba0a
access-control-max-age
0
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62d7027f-22d944d47f50a74853e9e45a;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
Vh1T8GEAoAMFU6g=
content-length
224
x-amz-cf-id
KyBFvb8jxD5I0G_1XEHn9cVjmbys7CgA3QPzOqNryGl4QcTJg8XmZg==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
fonts.gstatic.com/s/sintony/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sintony/v13/XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Inter:300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62d9677e1cab571817f6eba7b4049477a251e1321112e78595cff375409f32c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:36:56 GMT
x-content-type-options
nosniff
age
502630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8348
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 23:36:56 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Inter:300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 16:54:37 GMT
x-content-type-options
nosniff
age
94769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 16:54:37 GMT
ti-icons-rev2.2.6.ttf
d36ai2hkxl16us.cloudfront.net/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d36ai2hkxl16us.cloudfront.net/fonts/ti-icons-rev2.2.6.ttf
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-51627c447a22c37755a7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24

Request headers

Referer
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-51627c447a22c37755a7.css
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:19:43 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
vary
Origin
age
712464
x-cache
Hit from cloudfront
content-length
66060
last-modified
Tue, 01 Dec 2020 00:22:43 GMT
server
AmazonS3
etag
"ce4a2dfa4b9fbe97aa8b16639b1c58e7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
x-amz-version-id
F4shChbtuwJP5Z37P_oK8MUpB6o8ptFI
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
Ip4TMj61y2rWdVCmooCB2ivdxtm4nZTpCmPqK1uMZz95IKhC-i59DA==
nzquuhjc9w.json
fast.wistia.com/embed/medias/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/nzquuhjc9w.json?callback=wistiajson1
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85abe3eeb7544d74042b91cdd13906428405c4af0d5a749635cae5d00514fc8d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1551
x-request-id
a3adcab750ec23196f3d673758fcf340
x-served-by
cache-iad-kjyo7100028-IAD, cache-hhn4028-HHN
x-runtime
0.071506
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1658258047.936917,VS0,VE90
etag
W/"85abe3eeb7544d74042b91cdd1390642"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
103
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-player-privacy-mode
1
x-cache-hits
1, 1
wistia-mux.js
fast.wistia.com/assets/external/ 		127 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73460faf84573b2c35bfba8dd01a7579e06632decd9b78e96dba619cd42613f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:06 GMT
content-encoding
br
vary
Accept-Encoding
age
1600
x-cache
HIT, HIT
content-length
32426
x-served-by
cache-iad-kjyo7100026-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
x-browser-version
103
last-modified
Mon, 18 Jul 2022 18:11:29 GMT
x-timer
S1658258047.937038,VS0,VE0
etag
"62d5a251-7eaa"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 262
graphql
www.hrandpayroll.com/ 		131 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.hrandpayroll.com/graphql
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8923-3ebb3b4d8fa406b59ef3.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c04be60df984e62aa4101fb513b643600ed37d5d1a9333db6b7e0ddf52547ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/courses/an-employers-guide-to-multi-state-employment-tax-issues-rec-2022
nonce
b18wada42ykrfyq1w0dinyw3
authToken
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
nonce
48g2rsthfm8jdh88cfiyvhq2
server
cloudflare
csrftoken
4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cf-cache-status
DYNAMIC
strict-transport-security
max-age=604800
cf-ray
72d5c739b88592b9-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30718bfb492fe873505c2e6716a17ca5d9b964ba477c312a14c6b73fede6a161
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
content-encoding
br
vary
Accept-Encoding
age
1600
x-cache
HIT, HIT
content-length
15881
x-served-by
cache-iad-kiad7000141-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
x-browser-version
103
last-modified
Mon, 18 Jul 2022 18:11:29 GMT
x-timer
S1658258047.049796,VS0,VE0
etag
"62d5a251-3e09"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 256
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
30c05922822225b2356fb66f399e0141ff6728fe.webp
embed-ssl.wistia.com/deliveries/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/30c05922822225b2356fb66f399e0141ff6728fe.webp?image_crop_resized=1920x1080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac62036472faaf01a0fff57bbabb4fef459a49760ad68994a4a939fbdc152497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
via
1.1 varnish, 1.1 varnish
age
467470
edge-cache-tag
30c05922822225b2356fb66f399e0141ff6728fe
access-control-request-method
*
x-cache-hits
1, 0
x-cache
HIT, MISS
content-length
69330
x-served-by
cache-iad-kcgs7200025-IAD, cache-hhn4021-HHN
last-modified
Thu, 14 Jul 2022 09:22:54 UTC
x-timer
S1658258047.142852,VS0,VE91
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
hls_video.js
fast.wistia.com/assets/external/engines/ 		471 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a9de140a4fb65ae94cc9f2f02c978431d049cf9f35a3737615d8b020f39000c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
content-encoding
br
vary
Accept-Encoding
age
2093
x-cache
HIT, HIT
content-length
111268
x-served-by
cache-iad-kiad7000171-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
x-browser-version
103
last-modified
Mon, 18 Jul 2022 18:11:29 GMT
x-timer
S1658258047.294599,VS0,VE0
etag
"62d5a251-1b2a4"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
22, 93
nzquuhjc9w.m3u8
fast.wistia.com/embed/medias/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/nzquuhjc9w.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea7c3f3b72edca239fdfe30682de0e792398dd55e931b21800477f1a8701adef
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
24325
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1065
x-request-id
106b88e08188d4363b6ae9a1a2d78c77
x-served-by
cache-iad-kiad7000160-IAD, cache-fra19132-FRA
x-runtime
0.026555
referrer-policy
strict-origin-when-cross-origin
x-timer
S1658258047.435889,VS0,VE103
etag
W/"ea7c3f3b72edca239fdfe30682de0e79"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-browser-version
103
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-player-privacy-mode
1
x-cache-hits
1, 0
blank.gif
fast.wistia.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
1600
x-cache
HIT, HIT
x-cache-hits
1, 61
content-length
1214
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra19132-FRA
x-browser-version
103
last-modified
Tue, 19 Jul 2022 18:45:59 GMT
x-timer
S1658258047.435851,VS0,VE0
etag
"62d6fbe7-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2
embedwistia-a.akamaihd.net/deliveries/a8318526a0540b3affc51b5f777e9526556c748d.m3u8/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/a8318526a0540b3affc51b5f777e9526556c748d.m3u8/v2
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f27c3bfa7266862c3424cdc623039cc73faa23d50c5d68033abbf72517998b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 19:14:07 GMT
Access-Control-Request-Method
*
surrogate-key
a8318526a0540b3affc51b5f777e9526556c748d-hls-segment a8ee986272912c6abaa46db5170162b457fb8132
Last-Modified
Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,Content-Length,Content-Range
Cache-Control
max-age=31427567
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1415
Expires
Tue, 18 Jul 2023 13:06:54 GMT
seg-1-v1-a1.ts
embedwistia-a.akamaihd.net/deliveries/a8318526a0540b3affc51b5f777e9526556c748d.m3u8/v2/ 		776 KB
776 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/a8318526a0540b3affc51b5f777e9526556c748d.m3u8/v2/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdbdbb157e061008d9078e6bba96fbc6be470a38226fec7b3c65519c723720f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:07 GMT
access-control-request-method
*
surrogate-key
a8318526a0540b3affc51b5f777e9526556c748d-hls-segment a8ee986272912c6abaa46db5170162b457fb8132
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31424979
expires
Tue, 18 Jul 2023 12:23:46 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
794488
quic-version
Q050
x
distillery.wistia.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.146.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-146-152.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hrandpayroll.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 19 Jul 2022 19:14:07 GMT
cache-control
max-age=0, private, must-revalidate
allIntegrations.js
fast.wistia.com/assets/external/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4bff08eefad2499e70de194a62639e366424cc2b46d56d6bab3f2a0618e203c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:14:08 GMT
content-encoding
br
vary
Accept-Encoding
age
1601
x-cache
HIT, HIT
content-length
5601
x-served-by
cache-iad-kiad7000158-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
x-browser-version
103
last-modified
Mon, 18 Jul 2022 18:11:29 GMT
x-timer
S1658258048.126816,VS0,VE0
etag
"62d5a251-15e1"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 85

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| chatbox function| fbAsyncInit string| GoogleAnalyticsObject function| ga string| audio5jsSwfPath object| EmberENV function| Flatpickr function| _flatpickr function| flatpickr undefined| CodeMirror function| jQuery function| toolbarFixedClass function| contextBarModule function| _extends function| _typeof object| Handlebars function| DateRange object| INTERVALS function| $ function| numeral object| Audio5js_flash function| Audio5js function| moment function| Sortable function| $R function| Redactor object| Foundation function| Idle object| LGTM object| CLDR function| picturefill function| Hammer object| Ember object| Em object| MetamorphENV object| DS object| ic object| EmberAudio function| StringParameterize object| __webpackStripeJSv3Jsonp function| Stripe object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds string| stripePublishableKey object| CONF object| webpackChunk object| TI function| setImmediate function| clearImmediate object| __ROUTES function| setupAuthToken object| TiEmbedSettings function| __defProp function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __objRest object| TiEmbed string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __adroll__ string| adroll_sid object| dataLayer object| __adroll function| __cmp function| __tcfapi boolean| adroll_sendrolling_cross_device object| adroll_form_fields function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild object| VIDEOS object| wistiajson1

11 Cookies

Domain/Path Name / Value
www.hrandpayroll.com/ Name: csrf-token
Value: 4T54Gemb-x_TeLvDtb3yo69uZX7vnA-3YEOk
www.hrandpayroll.com/ Name: csrf-token.sig
Value: w8TtMiUQj662BkbA2-1X8kwfmGs
www.hrandpayroll.com/ Name: visitId
Value: 0.9172476783132957
www.hrandpayroll.com/ Name: koa.sess
Value: eyJzZWNyZXQiOiJOMGNyR3pyUzItYkJ3OGRxUWt5RTB6YlciLCJfZXhwaXJlIjoxNjU4MzQ0NDQ0OTc3LCJfbWF4QWdlIjo4NjQwMDAwMH0=
www.hrandpayroll.com/ Name: koa.sess.sig
Value: Q-b25WtaZHN2-mIPKukEBORYBzo
.hrandpayroll.com/ Name: _ga
Value: GA1.2.81111248.1658258046
.hrandpayroll.com/ Name: _gid
Value: GA1.2.1624995734.1658258046
.hrandpayroll.com/ Name: _gat
Value: 1
m.stripe.com/ Name: m
Value: db666337-27f8-406b-9c34-c3724be54210afe240
.www.hrandpayroll.com/ Name: __stripe_mid
Value: e4338b2c-9516-4a60-92b4-e210a61daaa930ca2b
.www.hrandpayroll.com/ Name: __stripe_sid
Value: 10ecb6d3-eb62-4642-9e7e-6d48d32e648d306452

3 Console Messages

Source Level URL
Text
other warning URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ti-embed.production.umd.js
Message:
Unrecognized feature: 'speaker'.
other warning URL: https://d36ai2hkxl16us.cloudfront.net/ti-embed-widget/v2/dist/ti-embed.production.umd.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d.adroll.com
d36ai2hkxl16us.cloudfront.net
distillery.wistia.com
embed-ssl.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
qisfh7zwi8.execute-api.us-east-1.amazonaws.com
s.adroll.com
stats.g.doubleclick.net
www.cpeclubs1.srv1.senderexpert.com
www.facebook.com
www.google-analytics.com
www.hrandpayroll.com
107.181.162.98
143.204.215.27
151.101.2.133
2.21.20.143
2600:9000:2057:2a00:19:7d10:bd80:93a1
2600:9000:206f:5a00:6:9280:1080:93a1
2606:4700::6812:2ac
2a00:1450:4001:801::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::622
3.248.86.207
52.25.10.74
54.187.159.182
54.225.146.152
99.86.1.13
99.86.4.122
0a9de140a4fb65ae94cc9f2f02c978431d049cf9f35a3737615d8b020f39000c
0f214ca51f9a1502fa787f6e0c3599ed528116adf6daed3499a45ebe43b8ff3c
155b4a07ae94dcdb24b5005d9a619928bb8e6ba15f69df4f7a4b824cfec25ac0
1f75c37f259a7eef3e17051710a35430acf75f90a9b1ddc30ba2f630f77120bc
21c84abf8d30b7bfb1e6e6019b517278a1f63f16da0f5d7aa0a9c6d0da29c8f7
236bf587c39454ce8e742d33a310dafc7addf3772a457213df1b89abaa81071a
23dfc8c09181898488ea85e9b4b9994b2f0a16ee038fa1daff11dbe99794b863
277c0920764518413acb9540e42586a79c5e31e4a2a3fe54ad835b49d4990450
2822743c90b9c8e54732ba7e89ed95ebccd906b079d4628bac55b05261c61471
28e1e90c593f98d206628d3a7b392177ec249e422877abb7157834ad4c9a599e
2b24b5d0312cc95f04b1c6175d126943adc16bfee3584ea11026193a7504e713
2deac148b924c5083224e7c2ba6a53250c2b2db13f4992593a42a1df13e4b2e0
30718bfb492fe873505c2e6716a17ca5d9b964ba477c312a14c6b73fede6a161
39688d364d029dfe2019edc20068a4c558fcf02fcc63b52fd95fe69cd2fa347b
3f27c3bfa7266862c3424cdc623039cc73faa23d50c5d68033abbf72517998b0
446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
474e9e03a780582e116b08150451e2fbf0f416d6eb2a2a2b15a352c481d978c5
4d63bdf4cc27fcda10d211b40754e2d92d0d402d85f9c87d5fc93d8117047795
5467dce65d5fa7030dadbad5cbfb6dff1b43e334a49cdaa6fcc3466f15e12349
565273e0db80a9ea1ca91be34562443e5765aa02085983c8cf3d4a4bb29b0305
584e2aaf6eab0a0bf6051e3e5932d66a7b53c9eb7446a4e315dfdfbd24b373ff
62d9677e1cab571817f6eba7b4049477a251e1321112e78595cff375409f32c2
69bbf450ff20e3ea364fdd147dee2326c93e59bdfb9c6aa3f71fc4cbfac6e52a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f3f8bdf93d54564a383931a487d330f0d41f4ad0894dc1d4517b0c47b9a62fb
70f8b9ef21f8d505e1f65f014487eff0fb89d2587c693cfd3768b913e616f7bf
73460faf84573b2c35bfba8dd01a7579e06632decd9b78e96dba619cd42613f2
749b3b758612be39b9778f6e4c4d83f118af4b98d7270491c90a62b03ee5acc1
769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8367edfc920ec8f288c7739102b0e3a0046de822dbde230b44e3203db50580ef
85abe3eeb7544d74042b91cdd13906428405c4af0d5a749635cae5d00514fc8d
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
902591f0113e29d03ca9445094e884f8eb3c88d38ec7c40db470b7c615ff047d
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24
94b3c16ca061d154bc8cb38bddc8f921ee2bb09243d83d713e49f82ce6c48de7
98f89d4b3d44aaf5829e7adb779f18a60ff068260e1a3593686892d1d66fbb34
9c04be60df984e62aa4101fb513b643600ed37d5d1a9333db6b7e0ddf52547ac
9d5cbdf75290ae029f8a68d1200a897133c3ea59884eb331d919b47978d8b1b8
9dcd31c74b47139425ad335c9f96c66f6d1f444778bdb3819b9cc6eee59d3431
9ed977391dabf7fff63c13cba0156ddc26dc833c78463bfdaff3d579b2f256cf
a12ba73e4d905fccee9b43c611830bb08ef381bd502d4b85937b1b4a7ece99af
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3986b6b8520f7271dd0518c630b6a205d9f7d17194f80059da359a1078a9f95
a56b4ce1ea704f194ee4ff14784c9eb78a621b937a9fb2d7228b29d633947986
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aa45c1b62bcfe83949cc25386c6d54a4d1c92b97bb411fe2a0466dce6c267e64
ab234adc92ea337872db6e6d549047dfddddf61dba9e7f0730c16c0fe48c79fd
ac62036472faaf01a0fff57bbabb4fef459a49760ad68994a4a939fbdc152497
add5b52a045d79f41e18bab7b356873d8ee7f5c9f9792b7288773e0e60121d7c
b0f9b791cc7cfa7843c8bf6ee43177038d8359348df9946d262449a47f4c6caa
b3087994f47c66723d65700afaafa03ce74e34498cff8aee4de4fedaa6beba3e
bbfb88be631e7b15d1d9ff9365a26981355886ede5cbdd5200cdeac8d063d2d8
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da
c61e097c1bd5e9160581b703b01d5f890ccea5fffce2582eeb09e09be685b2bd
cbcb897448de5507a87b61a1516b4fcdc3a0bbc401fd5c1316cde087f148462b
cdbdbb157e061008d9078e6bba96fbc6be470a38226fec7b3c65519c723720f5
cfe5d71da6ba913aa3a64ce3cae7f9ee611c2eb63b0addfb4433d9629b9d36bf
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d5f0a30a2c5379450755929935a74d46cae420e9310098e66e6755e655b03ba5
dcd1111104a8775eda44821f9ddc57f223b473bc0c0ed5f9683610c037f64087
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
e825048139cae8b7a54967ca69fc00a3de08745ffe105d5b4f1bca2dd0bc8071
ea7c3f3b72edca239fdfe30682de0e792398dd55e931b21800477f1a8701adef
eb45b8c6611a5d9626c3f8107533e9efed7bf7e4ffca5eb592e9592279879564
ec296183ce6cf33a4a18bd53c3d7813799bf1119cfe641b78bc43589315fe256
ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6
ee72ec2aeaf4009aafbdd583f50b0b12919156aba4b5935a4574b2841c545bdb
ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c
ef80e5a7692e225b3e4386957e881726d995d187c1c5d9a6ad6e1455aa720098
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4bff08eefad2499e70de194a62639e366424cc2b46d56d6bab3f2a0618e203c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f72867d2c2e2298c5069864944d4cb075130aa365b8f3b64f76d086ac1814d25
f8303421758d9720b4552cc702e378b97cca347f16236cf46bdbfb43e4a420ec
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf