online.adp.com Open in urlscan Pro
52.44.46.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tcs.adp.com/
Effective URL:
https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs...
Submission: On May 15 via api (May 15th 2024, 7:04:50 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 4 domains to perform 83 HTTP transactions. The main IP is 52.44.46.192, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is online.adp.com. The Cisco Umbrella rank of the primary domain is 5963.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 6th 2023. Valid for: a year.

This is the only time online.adp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	170.146.93.133 170.146.93.133	14299 (ADP1) (ADP1)
21	52.44.46.192 52.44.46.192	14618 (AMAZON-AES) (AMAZON-AES)
31	2600:9000:275... 2600:9000:275d:b800:1e:d968:7dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	107.162.179.174 107.162.179.174	55002 (DEFENSE-NET) (DEFENSE-NET)
16	91.235.134.25 91.235.134.25	30286 (THM) (THM)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.238.93.48 34.238.93.48	14618 (AMAZON-AES) (AMAZON-AES)
1 3	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
83	10

2 170.146.93.133 (United States) 2 redirects

ASN14299 (ADP1, US)

tcs.adp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 52.44.46.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-46-192.compute-1.amazonaws.com

online.adp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:9000:275d:b800:1e:d968:7dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

synerg.adp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.162.179.174 (United States)

ASN55002 (DEFENSE-NET, US)

ponos.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.134.25 (United States)

ASN30286 (THM, US)

image.online.adp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.238.93.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-93-48.compute-1.amazonaws.com

dyn-msg-service.prod.adp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	adp.com 2 redirects tcs.adp.com — Cisco Umbrella Rank: 166489 online.adp.com — Cisco Umbrella Rank: 5963 synerg.adp.com — Cisco Umbrella Rank: 5947 image.online.adp.com — Cisco Umbrella Rank: 7790 dyn-msg-service.prod.adp.com — Cisco Umbrella Rank: 8080 Failed	1 MB
4	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2560 7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net	1 KB
4	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 761 data.pendo.io — Cisco Umbrella Rank: 773	152 KB
1	zeronaught.com ponos.zeronaught.com — Cisco Umbrella Rank: 4694	1 KB
83	4

	Domain	Requested by
31	synerg.adp.com	online.adp.com synerg.adp.com
21	online.adp.com	online.adp.com
16	image.online.adp.com	online.adp.com image.online.adp.com
3	h.online-metrix.net	1 redirects image.online.adp.com
3	data.pendo.io	cdn.pendo.io
2	dyn-msg-service.prod.adp.com	online.adp.com
2	tcs.adp.com	2 redirects
1	7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net
1	cdn.pendo.io	online.adp.com
1	ponos.zeronaught.com	online.adp.com
83	10

This site contains links to these domains. Also see Links.

Domain
www.adp.com

Subject Issuer	Validity	Valid
online.adp.com DigiCert SHA2 Extended Validation Server CA	`2023-08-06` - `2024-08-06`	a year	crt.sh
synerg.adp.com DigiCert SHA2 Extended Validation Server CA	`2023-09-20` - `2024-09-20`	a year	crt.sh
*.zeronaught.com Entrust Certification Authority - L1K	`2023-10-09` - `2024-11-09`	a year	crt.sh
image.online.adp.com DigiCert SHA2 Extended Validation Server CA	`2024-04-02` - `2025-04-24`	a year	crt.sh
cdn.pendo.io GTS CA 1D4	`2024-03-30` - `2024-06-28`	3 months	crt.sh
pendo.io GTS CA 1D4	`2024-03-27` - `2024-06-25`	3 months	crt.sh
dyn-msg-service.prod.adp.com DigiCert SHA2 Extended Validation Server CA	`2024-03-07` - `2025-03-07`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh

This page contains 6 frames:

Primary Page: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Frame ID: 7AB7ED8BED2CAB736D38B27235B091E8
Requests: 63 HTTP requests in this frame

Frame: https://image.online.adp.com/IuG5sxIDzRcWy9I2?900764987f1095c4=DS7zqrpegqCDz2I4kVcgqkMHueGGKZVjrxrHqSCuw-47e61tXUI1QrDOzfPwnIsjrI0BY7uEedv7NpGrAL158eiPXOMWDsiVJYk0MfjRAO25tTEHQJ2S0w1S-UihZc9JZIgJkRdge6KJKqTCo0Z4NXrKFtr8gUy7Ykb4z6NfuGDDWCpD_aSQqIwvVt11jynh&jb=35312e2e68736f753f57636e666f77712e627b673d5f696e64677f7b273230313326607360753d41607a6765652e6a7362354b60706f6d6527323a313034
Frame ID: 38CCEC7B3835674775B83738EE38FEC5
Requests: 11 HTTP requests in this frame

Frame: https://image.online.adp.com/0V0HxW-NaskWvIaO?e01a9ea941ab345f=28249MELzXcq4SleXai76xG3XiMGK4nrHad0E9gdku4ttAoBmNKEqdVE26iPflpexUlfO0DBgEp356OGF0MSKMgAveXgv4Pql8a0XfAZ_6Ws-OsEDXpQINXifUi0MgsogF_ta_3ezmM&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 83BCCC385DFC7671CDC5A2BC5322AE97
Requests: 3 HTTP requests in this frame

Frame: https://image.online.adp.com/Pjy-k2178cC49Gr2?8234a44af7df005f=9NvVVWFYAahCtzfOf4N8WNSqKoTTnOLTRtHLyS-UooMKXVNqWs-D9VguA5atKrh_Y6vRulFWLCA6z3C5euJvNY7i2bxYiZoMc_pFp9Kz9VvqAGSIpgQvJeqMGhyby9Kamaz107Dvh_fFzWCqEVQCAB4IQc7Y79aO-e0TCoQ9suLtG1FOVtxRSQebXRiNGtANrd0
Frame ID: A45107FE20B56B1E5D49772DA0881671
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/eRZrmvRdyXYba714?cc7bf983c8e8bf84=gu2L9wMOGA3k69fPqLSEGfqdBle82LgDuKSNsNbk9KoZK6pwSJlJGbWR99Tz6a7qyqTpPj48QeI3F0b0GaGLcOxQhY6lpOyoWiIgH7EiBt9MmRzViexneR5SjD_V2rW5ma98zxlrSCa_WrjlxH3x0JONuPc39vdaBwhbv5ZJCb5nb6bj2D1xso_BSHU1-wI_T1dY
Frame ID: 9B95A87CC962B9A8290253A161A9EB3A
Requests: 1 HTTP requests in this frame

Frame: https://image.online.adp.com/C7Cc1XlUTapV_X_E?894b34c0424ed197=IvjvnNci6ivMIVRCftrR1RAkCKVD6p_MJRyspe-gnu7Yr4Eq3tvcAnVF2LeohJKAU3_MIoo_MQH8A9uqY_nqcvJlaEYWYLkscw2H8ByRCvd2XrDN7WkyDqGb8AIkJnHcYWiftmymvt4khuSVOyScU1pcEBxCFdIV5xwIlSp020PkS14fzMWVGSAz8us5TFRWPUld
Frame ID: 013E8CF0BB50916286F36A6543226C29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | ADP TAXCREDITS

Page URL History Show full URLs

http://tcs.adp.com/ HTTP 307
https://tcs.adp.com/ HTTP 301
https://tcs.adp.com/public/index.htm HTTP 301
https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS Page URL
https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&r... Page URL

Page Statistics

83
Requests

93 %
HTTPS

10 %
IPv6

4
Domains

10
Subdomains

10
IPs

1
Countries

1664 kB
Transfer

6534 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.adp.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tcs.adp.com/ HTTP 307
https://tcs.adp.com/ HTTP 301
https://tcs.adp.com/public/index.htm HTTP 301
https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS Page URL
https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tcs.adp.com/ HTTP 307
https://tcs.adp.com/ HTTP 301
https://tcs.adp.com/public/index.htm HTTP 301
https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

Request Chain 69

https://h.online-metrix.net/uh49qtl8mU1lpFuQ?533e89f9d1cfe29c=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF1w1Vz6jwL6pYwZMeVY-UuacyMKfl9jzVCy0Lb2yo-Fc HTTP 302
https://h.online-metrix.net/uh49qtl8mU1lpFuQ?90a2e3fa39cc4409=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF18oOvRRVb_X9eoPq3i3V6pM&k=2

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

olplanding.html Show response
online.adp.com/olp/
Redirect Chain

http://tcs.adp.com/
https://tcs.adp.com/
https://tcs.adp.com/public/index.htm
https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

5 KB
2 KB

921ms
122ms

Document
text/html

52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

71e37a4a28a6c98b61f8bfb3a4af995a01ecd2d1427aa4c7ebedae19ec01ac03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 15 May 2024 19:04:44 GMT
etag: W/"14ec-6185c2d496eee"
last-modified: Mon, 13 May 2024 21:00:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 267
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 15 May 2024 19:04:43 GMT
Keep-Alive: timeout=15, max=447
Location: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Server: AIMServer
Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
Vary: Accept-Encoding

GET
H/1.1 200
OK OlpLandingConfig.js Show response
online.adp.com/olp/ 39 KB
7 KB 122ms
122ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/olp/OlpLandingConfig.js?211706

Requested by

Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

860dd89046abef162a52351304a34ef2c9e152148c4508cdc3effddc5dcfb640

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 13 May 2024 21:00:36 GMT
etag: W/"9a68-6185c2d496eee"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK Primary Request / Show response
online.adp.com/signin/v1/ 6 KB
4 KB 124ms
124ms Document
text/html 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits

Requested by

Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

ab6c5333b1196748771f7a382a966747cc1f21ea130a2c1b2368e221dab6e305

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Wed, 15 May 2024 19:04:44 GMT
etag: W/"6605ad96-1851"
expires: Thu, 02 Dec 2017 06:41:12 GMT
last-modified: Thu, 28 Mar 2024 17:49:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
vary: Accept-Encoding

GET
H/1.1 200
OK 6a8f894227f41759348779077d1e5851.js Show response
online.adp.com/inc/js/lib/ 1 KB
1 KB 198ms
198ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js

Requested by

Host: online.adp.com
URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

5172acd46befc46ab786a1dbfb45000816b50be4f8b4a5e1d675dc98919dec5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
x-ion-hop: 1
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 synerg-config-3.20.1.js Show response
synerg.adp.com/config/ 22 KB
7 KB 155ms
40ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db97a4db63cb690a494334cbb47f47e3176c6aa3134d4dc52e4bbb4357e25cbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 14 Feb 2024 05:03:37 GMT
content-encoding: gzip
via: 1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 14:52:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7912868
etag: W/"a3ecb48ea9f36882199d208b799b5d3a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: g6SERThZ6icFNuYeGl3PDDEFfekta9wrP6tT-JpUwa4ne_gr_VnM7Q==

GET
H/1.1 200
OK envconfig.json Show response
online.adp.com/signin/v1/static/risk/ 6 KB
2 KB 475ms
122ms Script
application/json 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/signin/v1/static/risk/envconfig.json

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

bbdfe2ce24bf0a9ac1d5f9ef8f9c4aba1a69f8b4966d628cea2786ac51e7fd47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Sun, 07 Apr 2024 02:36:45 GMT
etag: W/"661206bd-1934"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/json

GET
H/1.1 200
OK hashtable.js Show response
online.adp.com/signin/v1/static/risk/ 13 KB
4 KB 122ms
122ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/signin/v1/static/risk/hashtable.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:33:18 GMT
etag: W/"6605a9de-3570"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK rsa.js Show response
online.adp.com/signin/v1/static/risk/ 35 KB
12 KB 126ms
125ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/signin/v1/static/risk/rsa.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

7a1e50d1786d26aa029aa0142df37416c1a9221e4adde8eeae7788cca74ea0c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:33:18 GMT
etag: W/"6605a9de-8d47"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK 2.ca08d989.chunk.css
online.adp.com/static/css/ 44 KB
24 KB 322ms
123ms Stylesheet
text/css 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/static/css/2.ca08d989.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

d867ba644c158908ac46a9e94231adc080d185bacd3c01dd93e819f2d3365b9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: "6605ad87-5ffe"
content-type: text/css
content-length: 24574

GET
H/1.1 200
OK main.90204224.chunk.css
online.adp.com/static/css/ 247 KB
36 KB 473ms
122ms Stylesheet
text/css 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/static/css/main.90204224.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

80def75f48ccfd581ba4d738ba8ae14f27cf8c6ae92228fb9174df4f5a6987d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: "6605ad87-8e41"
content-type: text/css
content-length: 36417

GET
H/1.1 200
OK 2.78e747e1.chunk.js Show response
online.adp.com/static/js/ 1 MB
341 KB 476ms
122ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/static/js/2.78e747e1.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

1ce36de2e2e7e2cb206a31ce5811c2d16afef853e3eff4f52c877dc44c15d411

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: "6605ad87-55267"
content-type: application/javascript
content-length: 348775

GET
H/1.1 200
OK main.68950a08.chunk.js Show response
online.adp.com/static/js/ 332 KB
77 KB 475ms
121ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/static/js/main.68950a08.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

8c5d2b56bc6086e5a66f1428410bfa985044f20e2cc7d563dffb672a78388a02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: "6605ad87-13249"
content-type: application/javascript
content-length: 78409

GET
H/1.1 200
OK 6a8f894227f41759348779077d1e5851.js Show response
online.adp.com/inc/js/lib/ 321 KB
183 KB 357ms
200ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q

Requested by

Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

abbc8442e6a195cbbb0c9860750e14f37ba751fce4eabf0974e2974bc4e7674f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/javascript; charset=UTF-8
date: Wed, 15 May 2024 19:04:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, immutable
content-encoding: gzip
transfer-encoding: chunked
x-ion-hop: 1

GET
H/1.0 200
OK 1 Show response
ponos.zeronaught.com/ 921 B
1 KB 194ms
40ms XHR
text/plain 107.162.179.174
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ponos.zeronaught.com/1?a=7c40495cf1059cb0739ef63268c614d6debea06d&b=A-iCpH2PAQAABbRnYFJkPzYzdosGcFQdowjaBhpivq_6ju5HTW3l1mrVADEOAVD_B2WucgzkwH8AAEB3AAAAAA==&c=-583944288
Requested by: Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.179.174 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 8002a8df813d4cd0bdcc40573c60ebfe38755427fb9ef16ff6c37afd85c9d2e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Via: HTTP/1.1 bit26008.fra1.defense.net
Connection: close
Content-Length: 921
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK fp-clientlib-v4.js Show response
online.adp.com/signin/v1/static/risk/ 2 KB
1 KB 122ms
121ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/signin/v1/static/risk/fp-clientlib-v4.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

1c4c1489cf2485b870342eea557799661a7d4a1a6f73fc10a41bdd3d59bd6aec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:33:18 GMT
etag: W/"6605a9de-972"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 synerg-web-components-3.20.1.esm.js Show response
synerg.adp.com/synerg-web-components/ 29 KB
8 KB 120ms
42ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/synerg-web-components-3.20.1.esm.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e203c1980a309634e34c40a837825c7c0c75adfefc3395c9cb6a9341795b950e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:15 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 14:53:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573711
etag: W/"e4a6ec29cd8b7003c8cab1eafc270dec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: kki7X4JCrEnubgcuupfodNHb9ysN3mFI3Jg6PEG3Y54-EmUNnBw8xw==

GET
H/1.1 200
OK brands Show response
online.adp.com/api/brand-service/v1/ 2 KB
1 KB 151ms
151ms XHR
application/json 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/api/brand-service/v1/brands?callingAppId=TaxCredits

Requested by

Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

/ Express

Resource Hash

7621d603e87b2ec681fff75b5cbe62ecd867991ff420359532dab93cbd4d334f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
consumer: OLP
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-powered-by: Express
etag: W/"628-WKx1DJWDGBUL2+s0R+cYyaZljyI"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK csrf Show response
online.adp.com/ 0
414 B 121ms
121ms XHR
text/plain 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/csrf

Requested by

Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

POST
H/1.1 200
OK sign-in.start Show response
online.adp.com/api/sign-in-service/v1/ 2 KB
3 KB 124ms
124ms XHR
application/json 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/api/sign-in-service/v1/sign-in.start

Requested by

Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

a7ab75faf22b4c8c35b43e7abcf66bd33e3de1ff93237d8faf035da7ccf8ea4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-XSRF-TOKEN: e5ab7679-4c66-4f4a-aa18-480f9bd62892
Accept-Language: en-US
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
UVPAA: false
Content-Type: application/json
ADP-Device-Token
olp-pilot-cookie
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-correlation-id: da453aaa-249f-4c13-b03c-ba3d3978d67c
x-content-type-options: nosniff
content-encoding: gzip
transfer-encoding: chunked
x-trans-id: a3232450-abdb-4000-9bc3-ab27ec420f90
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
access-control-max-age: 1000, 1800
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS, GET, PUT, POST, DELETE, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://online.adp.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-requested-with, authorization, Content-Type, Content-Length, Authorization, credential, X-XSRF-TOKEN, adp-device-fingerprint, adp-device-token, content-type, x-xsrf-token
x-frame-options: DENY
expires: 0

GET
H2 200 p-443d88df.js Show response
synerg.adp.com/synerg-web-components/ 15 KB
7 KB 42ms
41ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-443d88df.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14d480e7c58656fbb8cd031d3feb3a4c1d12c849d37211553437e426a7b6d4f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/synerg-web-components-3.20.1.esm.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:16 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:31:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573710
etag: W/"d3d285fc844a16d65706e874d5e20e66"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: 6cQT6pcjkl83eQUKMTFzy4QU_7DnnNnlerQapDB0JNATlURQmfY70Q==

GET
BLOB 200
OK ca95f509-4597-452b-82d8-7839730b83eb
https://online.adp.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://online.adp.com/ca95f509-4597-452b-82d8-7839730b83eb
Requested by: Host: online.adp.com
URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 manifest-3.20.1.json Show response
synerg.adp.com/themes/one/ 12 KB
3 KB 40ms
40ms Fetch
application/json 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/manifest-3.20.1.json
Requested by: Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f647231bd77a3ce2a43dd7c7a8118c6ae82224b3297624a054fbc979da5dbcf8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:17 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 14:53:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573709
etag: W/"354b6669c1b90a0a3ea340446154a27f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: 98X-3n614sFgdgA30ng9SnHBWGoeNK8orXi3gEJvOb7mKRYReERExw==

GET
H/1.1 200
OK favicon.ico
online.adp.com/ 1 KB
607 B 121ms
121ms Other
image/x-icon 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

d4c7bde9e51770f84eedb2f86ef50df3fcce637a916f912208f2f06e2b517902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 15:07:49 GMT
etag: W/"436-5b5e130781b40"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: image/x-icon

GET
H/1.1 200
OK whbvfnwz4cbouw0i.js Show response
image.online.adp.com/ 95 KB
13 KB 163ms
43ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/whbvfnwz4cbouw0i.js?fmz2dq0hrs4yn1xy=7dwbnfjp&5ivfspmrhblrmvpy=4yxmwpuqfpk1715799885814&8i5z7dmpibj67e9l=2023

Requested by

Host: online.adp.com
URL: https://online.adp.com/signin/v1/static/risk/fp-clientlib-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4bb5b859587d33e2711703d531479de076f97a369151c7ae07e5d17ce1e1b8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/0b0bc73d-07f7-4cb4-693c-39672a1814b0/ 462 KB
151 KB 137ms
41ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/0b0bc73d-07f7-4cb4-693c-39672a1814b0/pendo.js

Requested by

Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0d59594d6e8a2ec12ee1937cae157c8367e37c601f8cbfe796d9311eac725448

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:01:41 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 184
x-guploader-uploadid: ABPtcPrFOIGCnZ1OCbXBgaSocb0MV2kRy9Wjq2OWMNqoH8U8AM7fMnfL-7juKQ6XBzWgNqcNTw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154196
last-modified: Thu, 09 May 2024 18:16:25 GMT
server: UploadServer
etag: "bda916544ca8b0fd7c35d7f6f71e4e26"
vary: Accept-Encoding
x-goog-generation: 1715278585210962
x-goog-hash: crc32c=MEtDEw==, md5=vakWVEyosP18Ndf29x5OJg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 154196
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 fonts-ba6f74759e.css
synerg.adp.com/synerg-web-components/circular-fonts/ 2 KB
887 B 39ms
39ms Stylesheet
text/css 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba6f74759eb054a514b87365e1a4383a0e8d2db92adb55c0633afc3dd3f58b2f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Jan 2024 08:27:51 GMT
content-encoding: gzip
via: 1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 21:56:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 9283015
etag: W/"54e994ffa4978625eecaef7038a1dc97"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: 3d74Vy7cvECwSycqNJy2ODRKWhJmi50Hae-lzVdpx1Q6BjjMUbhEXQ==

GET
H2 200 sdf-global.418360b87e.js Show response
synerg.adp.com/themes/one/ 2 KB
1 KB 151ms
151ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/sdf-global.418360b87e.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 418360b87ebccbfb0c9ced1b0d81150ff76268f27bc5f2da0402a0ab931e6924

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:17 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573709
etag: W/"eca2e5a6660d5d72dab8458d78f9ddc1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: P3TpVidV0wl0WCrBfK2UTg1741-VvfxqUEfel_I6zcMdkzsHi5LIng==

GET
H2 200 sdf-utilities.bebb85995f.js Show response
synerg.adp.com/themes/one/ 2 MB
201 KB 46ms
45ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/sdf-utilities.bebb85995f.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bebb85995f0e9efe38fddddd949facc4ec3c8d237dd55ea453fcea6d4e64fbf7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:17 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:32:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573708
etag: W/"4ba3cccd6b91f4a7aa299ce4c0396c6c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: B0BjcUbe_QgriWOAHo-ghHBUXatWySOWW20u9Zra7CaUPW-e-nU4UQ==

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS message
dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/ Frame 0
0

GET
H2 200 p-3a37de2e.entry.js Show response
synerg.adp.com/synerg-web-components/ 5 KB
2 KB 41ms
40ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c286dec985e3b7dbc191f8f763ded1b6db5be126927c818962478b07789a0e3c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/synerg-web-components-3.20.1.esm.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:20 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 14:53:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573707
etag: W/"1e236bdbb484e7ad966e4fcce73a736f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: fOmltMJqI3Hd4-QYXlwnxfnezIMG9HJoR6Ok11efEZ0nJlLwIzDB3A==

GET
H2 200 p-15a051fb.entry.js Show response
synerg.adp.com/synerg-web-components/ 187 KB
53 KB 42ms
42ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-15a051fb.entry.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bab147e9897086b27b3f5f5c1af30be1fa3678b9c6bd0e71b2835a0c6884a55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/synerg-web-components-3.20.1.esm.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:20 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:31:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573707
etag: W/"2cecf710f26e4c8f227a7bdcfcf0ff24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: vqg3MNJAmIC1gd6MdpRlc0--n34XEY5BvFYD2y2vWQ0sr0k7epCEBg==

GET
H2 200 p-5ff82fb7.entry.js Show response
synerg.adp.com/synerg-web-components/ 4 KB
2 KB 41ms
41ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-5ff82fb7.entry.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44850de8652852512d7bb7625dbf80d6c74a7cb8de330ce306d9e18fe24cc4de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/synerg-web-components-3.20.1.esm.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:22 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:31:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573705
etag: W/"d718812c0688624f0541dc3a888f81df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: imZ8t56JabBWi8YRsSAnEcRm3CQpg6q1eK3DENEm3jnieL4SGC9Bng==

GET
H2 200 Circular20Web-Bold.woff2
synerg.adp.com/synerg-web-components/circular-fonts/ 81 KB
81 KB 45ms
41ms Font
binary/octet-stream 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/circular-fonts/Circular20Web-Bold.woff2
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15d40cd99e2da27b2c90e7c31eb4e129c44f19170f9a8e64dd550a03ba0cc4d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:38 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 82748
last-modified: Thu, 15 Feb 2024 14:53:26 GMT
server: AmazonS3
etag: "a42037e48fe0b23e6bb4550587038957"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: yE0TisRLRGTwXniTUallKE9zPCnpQAtEeUJoSdUweGd24O5dIrp-SA==

GET
H2 200 Circular20Web-Medium.woff2
synerg.adp.com/synerg-web-components/circular-fonts/ 78 KB
79 KB 55ms
51ms Font
binary/octet-stream 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/circular-fonts/Circular20Web-Medium.woff2
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed2855d30cd98894bbbf680af7bf98812e75ca8cbe94f1e4f68137946d5f4de4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:38 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80267
last-modified: Thu, 15 Feb 2024 14:53:26 GMT
server: AmazonS3
etag: "08044e81d754dc1bde123c7563e8bfae"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: 67rUOw1SFGGAmw5d_xPLBr10wbQCYpT0ApDksfaw68QuAWb50Or-ow==

GET
H2 200 Circular20Web-Book.woff2
synerg.adp.com/synerg-web-components/circular-fonts/ 75 KB
76 KB 57ms
53ms Font
binary/octet-stream 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/circular-fonts/Circular20Web-Book.woff2
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73ff5a527b54d6edc0055f4da2f5029f3222da5dd26ffeb6ae750932200e9d53

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/circular-fonts/fonts-ba6f74759e.css
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:38 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 77124
last-modified: Thu, 15 Feb 2024 14:53:26 GMT
server: AmazonS3
etag: "b0b416e3f2aad6b6981920e14064b3b6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: OOE9nzQwlzr0n6FDwYCain_2PNiIRHsvDZQW1nejFhd4C1VBifvs1Q==

GET
H/1.1 200
OK 23.e340293d.chunk.js Show response
online.adp.com/static/js/ 30 KB
8 KB 124ms
124ms Script
application/javascript 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://online.adp.com/static/js/23.e340293d.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

1474e44b8753b545445ae863369e07fd9beac072410ea31743bd2c83f563af7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: "6605ad87-1e10"
content-type: application/javascript
content-length: 7696

GET message
dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/ 0
0

GET
H/1.1 200
OK image
online.adp.com/api/brand-service/v1/brands/ 11 KB
11 KB 145ms
145ms Image
image/png 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.adp.com/api/brand-service/v1/brands/image?productId=$default$&imageId=productLogo-red.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

/ Express

Resource Hash

033afcd324350b7a1701e0aaa793702aa3b34a72923db2624dfe7caefa34121e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 10765
etag: W/"2a0d-LkB1fKxAWKNtmjqnuQDyRW4E8JA"
content-type: image/png

GET
H/1.1 200
OK logo-adp-fy19.299df579.svg
online.adp.com/static/media/ 1 KB
964 B 121ms
121ms Image
image/svg+xml 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.adp.com/static/media/logo-adp-fy19.299df579.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

Resource Hash

d34eb6787c5b2d7a7aa8337c8f7067fa74c773498b70dd3cb5cbaea81c3218f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
last-modified: Thu, 28 Mar 2024 17:48:55 GMT
etag: W/"6605ad87-426"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: image/svg+xml

GET
H/1.1 200
OK image
online.adp.com/api/brand-service/v1/brands/ 107 KB
108 KB 157ms
157ms Image
image/png 52.44.46.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.adp.com/api/brand-service/v1/brands/image?productId=$default$&imageId=ADP_default_background.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.46.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-46-192.compute-1.amazonaws.com

Software

/ Express

Resource Hash

df7069893e99a7ab00720402ec3249023ea35ef37fe7c20d856a8bfd31a0e1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 110000
etag: W/"1adb0-4rcOw7dZviq+M4Euny78N4/DeA8"
content-type: image/png

GET
H/1.1 200
OK IuG5sxIDzRcWy9I2 Show response
image.online.adp.com/ Frame 38CC 315 KB
58 KB 50ms
49ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/IuG5sxIDzRcWy9I2?900764987f1095c4=DS7zqrpegqCDz2I4kVcgqkMHueGGKZVjrxrHqSCuw-47e61tXUI1QrDOzfPwnIsjrI0BY7uEedv7NpGrAL158eiPXOMWDsiVJYk0MfjRAO25tTEHQJ2S0w1S-UihZc9JZIgJkRdge6KJKqTCo0Z4NXrKFtr8gUy7Ykb4z6NfuGDDWCpD_aSQqIwvVt11jynh&jb=35312e2e68736f753f57636e666f77712e627b673d5f696e64677f7b273230313326607360753d41607a6765652e6a7362354b60706f6d6527323a313034

Requested by

Host: image.online.adp.com
URL: https://image.online.adp.com/whbvfnwz4cbouw0i.js?fmz2dq0hrs4yn1xy=7dwbnfjp&5ivfspmrhblrmvpy=4yxmwpuqfpk1715799885814&8i5z7dmpibj67e9l=2023

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

414567bb49f05c82ae4e2208d2e9eaabbda830ddd169ca2ff25790c1ca3d1629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 5f24caccc1d0f2b4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5lgjd3EVDRtqsbXu
image.online.adp.com/ Frame 38CC 81 B
475 B 130ms
42ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.online.adp.com/5lgjd3EVDRtqsbXu?a57f6eb12aac188a=RmR2T0ikdPV7ZA_hWC8ScYZ6DWwIBpM9MijtYsxIRuBFGMsVJbwkRn5zR88h9S8n6G6GAQ7DTwB8xhLQnqV7obTwyuoDwK5H27vBFTAZIjHin52EF7cpAxp660CwNLDeWtRdDm-I137xkX-qd-c3Lv8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK DbLqtsFzGMWg7nBH
image.online.adp.com/ Frame 38CC 81 B
475 B 131ms
43ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.online.adp.com/DbLqtsFzGMWg7nBH?4b4f58caa6f25789=M-lV88D-6lC9Vp4ijBAZ427kPXJ7nuwpCCXw_8Fat7pfOmajg4IrSKlRBhEt4z2MGBOCsuF1ZOiad5XynbOlqoCGdsBUnRNVqXDIvVpwqSTgUWJnVsicDFYPljnmqEyRhMI8SEfyrDIUwyCy8joOUaI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-9f1b6d3e.js Show response
synerg.adp.com/synerg-web-components/ 3 KB
2 KB 46ms
44ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-9f1b6d3e.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cee66087f92ce81a99448143e1364242ff2a3b6769dc1cded8ac34a4782b33c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:22 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:31:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573705
etag: W/"985a328dd87d8142c16fc437d65e6b35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: EmQu6h1GlhuLO5ePOUiUYo1F-aRCuWRiDUqcYllQkI6FR0UB2GvcMw==

GET
H2 200 p-53067c0e.js Show response
synerg.adp.com/synerg-web-components/ 4 KB
2 KB 46ms
44ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-53067c0e.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d921f145baf2b91de4e91d29deaae8be491ee7bacbbdc8a2d887b21066015679

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:22 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:31:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573705
etag: W/"14b9ca45320f4d7e2373891d3e05cbff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: wdkBq4S-tYspFtvm3YlJ8qMb4FcTDZwLtiRPL0rf2a2JJ_PJlNwiIQ==

GET
H2 200 p-88c86f6a.js Show response
synerg.adp.com/synerg-web-components/ 743 B
1 KB 48ms
46ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-88c86f6a.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fe452d74d68ceba4e7f24ed7da5b9a0a1018b41c7a45796d9f38b562228106a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:36 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 743
last-modified: Thu, 15 Feb 2024 14:53:45 GMT
server: AmazonS3
etag: "517b40b50aa2bd69c98273ce7ffa8cf5"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: wDB6Ow58Cl_4WJsY078lexFM1JdM147Em5sSDjYl6RjIcK2-nUE8BA==

GET
H2 200 p-7421f000.js Show response
synerg.adp.com/synerg-web-components/ 117 B
580 B 47ms
45ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-7421f000.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03ba78cb25761a27a1490be9cf903f0849f995601ea0ede1a43b7847c6ecd3fb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:36 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 117
last-modified: Thu, 15 Feb 2024 14:53:42 GMT
server: AmazonS3
etag: "b3b733fe4ecc30e185de8d0061b984b3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: Lk23i8377UCj8g7T9scVLSUOTYH3TIyZ8p2NC_4WT61Y-4AkafDNJQ==

GET
H2 200 p-c1de57ae.js Show response
synerg.adp.com/synerg-web-components/ 701 B
1 KB 48ms
46ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-c1de57ae.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 739aa62246d0da3c2fbefe858f4793ebbb44f7c811de99cb585a714e32362ca1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:36 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 701
last-modified: Thu, 15 Feb 2024 14:53:51 GMT
server: AmazonS3
etag: "949864d8a83d2f240bae3c117c9c59ee"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: _B0atZWN7q_KrQvcYck3ZLRrmguHh48hQu8SuCANqgsjc7OTgrIZOA==

GET
H2 200 p-3d37b2ea.js Show response
synerg.adp.com/synerg-web-components/ 384 B
846 B 49ms
47ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-3d37b2ea.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2696ede43575a058d66aa68c8f90894f1554d1eb6a6349dfd494fd6b13a826a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:23 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7573704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 384
last-modified: Wed, 20 Dec 2023 03:31:33 GMT
server: AmazonS3
etag: "8eec03c13f5b603f3aeeeef18adc36f5"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: 2_EE2YBeV2WJ9kfc7MRHIrby30IPkU1M6xJ5fVAuabcjr61DUeMYKQ==

GET
H2 200 p-9fb518a4.js Show response
synerg.adp.com/synerg-web-components/ 260 B
723 B 49ms
48ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-9fb518a4.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c1a30c7475d87dfcd5010a2a3cbc8d6bf16427f5a1f6d788ef3ce904083da8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:36 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 260
last-modified: Thu, 15 Feb 2024 14:53:48 GMT
server: AmazonS3
etag: "5357ceec51d048aed8caddaa8e901afc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: RroVxNNn2QvfQbkeXoo5zAGL6PolW8yezbXELKpQuAhEMybqihrDvQ==

GET
H2 200 p-d0c2c235.js Show response
synerg.adp.com/synerg-web-components/ 373 B
835 B 53ms
51ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-d0c2c235.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50b0244ef4e6cf78b0b2ee2073c567b21b608eca914d362dea898268416430bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:37 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 373
last-modified: Thu, 15 Feb 2024 14:53:52 GMT
server: AmazonS3
etag: "58b6bb9cb5b4a3c300963f85d60ab50c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: L21YiY24SmJhLdyhq7hG3Ig3rbD74FYhWFWVopiBnzf62EQagh9dHQ==

GET
H2 200 p-5db1e9d6.js Show response
synerg.adp.com/synerg-web-components/ 354 B
817 B 54ms
52ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-5db1e9d6.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d04d9057fb10dc91f5e71e42baf1d19f20b75d13c8f282f751e40e6793ea50d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:23 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7573704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 354
last-modified: Wed, 20 Dec 2023 03:31:35 GMT
server: AmazonS3
etag: "db7149e65676fb9cf8b8a9af745ca70e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: 3vFe0ehJMtLYy6C92f9n0xgMdHXFK-OjgW0OaN87qrG9eZMvRFecvw==

GET
H2 200 p-4f2a522b.js Show response
synerg.adp.com/synerg-web-components/ 37 B
499 B 54ms
53ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-4f2a522b.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b92cb76bcecdcb627bcebbb37cb6ce86cbb1a9e51a20fac0280f07de5216281f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:37 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 37
last-modified: Thu, 15 Feb 2024 14:53:39 GMT
server: AmazonS3
etag: "c0c95100101510f70affe458bd356a46"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: OuBZ-FP7rAG4EAjS6PijvUbvGJfguzXmQ7n-AK3ppjuoB0s29C8Cdw==

GET
H2 200 p-ab0efea5.js Show response
synerg.adp.com/synerg-web-components/ 630 B
1 KB 56ms
54ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-ab0efea5.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be4f4a70ace157a349e09ed78a0f5f9916aa8801e0d69d188f11472d38f9510e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-3a37de2e.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:23 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7573703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 630
last-modified: Wed, 20 Dec 2023 03:31:40 GMT
server: AmazonS3
etag: "dd6484687ae4328f97b51ee72cedb260"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: UGXFgYeeP7hwB3CBfkWQhNFUqJpetZSdMm_ShRZNvspmPNXHm-uGKg==

GET
H2 200 p-3317ed09.js Show response
synerg.adp.com/synerg-web-components/ 417 B
880 B 54ms
53ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-3317ed09.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87d3ca0f7f836c7c0b83df366ad265325577cda80eb302612605818621be665e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-5ff82fb7.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:37 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 417
last-modified: Thu, 15 Feb 2024 14:53:35 GMT
server: AmazonS3
etag: "004f64c18674791c11139476309dcc5c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: 6f1LFTQb0m8lppWUgBrvmi3C4IRNnOoH5ZuEpiL9RPM9X30dYkqLSw==

GET
H2 200 p-b43a8e81.js Show response
synerg.adp.com/synerg-web-components/ 128 B
591 B 110ms
110ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-b43a8e81.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 343bdd26d9e97624f7192256a7ea3b3dd56fff0ee15ce798806876e64dd77aaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-5ff82fb7.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:25 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7573702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 128
last-modified: Wed, 20 Dec 2023 03:31:41 GMT
server: AmazonS3
etag: "133ffe054549ad54285a1eb295ab397e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: XxWoR4nJv-oouBXIluekmtFFnA3BDA1Bw9S9YW5F9pMQKYZ6nvjM5w==

GET
H2 200 p-138caaf1.js Show response
synerg.adp.com/synerg-web-components/ 677 B
1 KB 111ms
110ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-138caaf1.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5faefef6c95457ad34b8ddc76cf42f5237dbbfdfb9782d5007ef7f4ea59409c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-5ff82fb7.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:30:32 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 677
last-modified: Thu, 15 Feb 2024 14:53:31 GMT
server: AmazonS3
etag: "45d7fa831f0f39fe1a47bec96afb9edc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: V_-a8dlButwZOnSiwmMKK1peVS26Dbv9QgXjjtpql4SjBIF4zTFzew==

GET
H2 200 0b0bc73d-07f7-4cb4-693c-39672a1814b0
data.pendo.io/data/ptm.gif/ 42 B
111 B 393ms
275ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/0b0bc73d-07f7-4cb4-693c-39672a1814b0?v=2.230.0_prod&ct=1715799886116&jzb=eJzlUkFv2yAY_S8ccoptMMY2kaIpWzcp25SlbTq1myYLA0vZbOwBTp1W-e-FRsluve00n8z7Pt573-P7_gTcvpdgBlrpGJiC2nQPVprKqdajqECkoLQsc4TgFOyUVa4zlRL-QrV-v7r4Um2qq-X1xz93O1hvbj0B47wbtHvp0UPTTMFgGt9-71xvZ0nS6UZpGTPRx7xrE6u2Wulkh5I3i_V6eTHfsPGdkUI5O-lNJwbulmJeQokh5TgqYJlGNZMokpDgCBNIMgxrklEyMdINRt9cfZ6ftBy3Z6F-qBvFE6WFHON71044a7yT7aLvvcBfVT-C1-0tmD2d5g2_r41spbWq08vQgnJSIFZ4a7ykUVaLNKK1d1pkOYUCi7xkIeaG6e3AtiF4qauba3A4J3dSC-F5tGdGarc41zwkmAsXEUkgSVKYZp5wJ03w4OE0TjGMYRXSC7RHgg2rg7_ji7jjAcDfby-zVq4uv42Pd6TDnuenYa18Ka7Qfvz068OD-Doub8usCMuxd9IHQ0h-mJ4Xp-mYeHVx0P-3OCGTUxIZxjGm4ctRSTDE_-RNMEWHH8_plDcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 122
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 0b0bc73d-07f7-4cb4-693c-39672a1814b0 Show response
data.pendo.io/data/guide.js/ 567 B
658 B 281ms
164ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/0b0bc73d-07f7-4cb4-693c-39672a1814b0?id=6&jzb=eJx9kE9r4zAQxb-LDjnFlmxZsR0IJTR7SFm6IX9KezJjSTgCRXYl2QRKvnvkXeLc9iZG8-b33vtBg3LKt3Yr0BJVu1_vmz_VsdpvD2_fXwOpj59ojoDztjd-XDG91nPUWx22z953bolxa7QyMgbRxby9YKcaowweEvyy3u22m9URrq9WCuXdrLOt6Hm4tCqIpKTkNMpJkUY1yCSShNGIMsIySmqWlWxmpe-tOe1_rx4sz90E6vpaK46VEfIan_1lxkEHJ8266wLgSQ0JWi0-njn_hbhIDwI8oOVUwvhU_ynCSedUa_52lSxYnkAeHPOijLJapFFZhwB5tiiJoGJRAASJBtP00MigkKY6HdBt6vNBG-2EaQdWGr-e_sIo2BuFCcOE4ZSkWTg4SDt6COM0TimJSTWWim63O5k5k8A&v=2.230.0_prod&ct=1715799886117

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/0b0bc73d-07f7-4cb4-693c-39672a1814b0/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

832b6bfd89a3b79238d1e5b7984a70dd28dfd69e4e37a2a6dfeeeeff31a7675f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 12
access-control-allow-headers: *
content-length: 567
alt-svc: clear

GET
H2 200 0b0bc73d-07f7-4cb4-693c-39672a1814b0
data.pendo.io/data/guide.gif/ 42 B
312 B 269ms
153ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/guide.gif/0b0bc73d-07f7-4cb4-693c-39672a1814b0?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1715799886117&v=2.230.0_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:04:46 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 1
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 p-7a69091b.js Show response
synerg.adp.com/synerg-web-components/ 344 B
808 B 105ms
105ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/synerg-web-components/p-7a69091b.js
Requested by: Host: online.adp.com
URL: https://online.adp.com/olp/olplanding.html?APPID=TAXCREDITS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e69b13a94e364bed98ba28fbc79730e87006543f37f269f21d82359d4122a8e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://synerg.adp.com/synerg-web-components/p-15a051fb.entry.js
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:43:37 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7572070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 344
last-modified: Thu, 15 Feb 2024 14:53:43 GMT
server: AmazonS3
etag: "a706638bd31783a8d5c33f9a998390ee"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: eGabvf-rPYktnE32x8mYNzVFwlLvz_yZ3vVsT7QdDT3xsUWg1irkkg==

GET
H2 200 sdf-busy-indicator.57c7c06e8b.js Show response
synerg.adp.com/themes/one/ 2 KB
1 KB 56ms
56ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/sdf-busy-indicator.57c7c06e8b.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57c7c06e8b3fe39e2b21a4e2b8a5df7d339c8d01a1d549fb60c3e91fa11c3ab9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:26 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573701
etag: W/"8649b77ce83f150fd07b73219bcf6cad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: 66fAfNdwhMSC9cEaI6SCqNff7RoCkRf27sVN5mgTlK6Qx9g81p1mtw==

GET
H2 200 sdf-button.e94dd25498.js Show response
synerg.adp.com/themes/one/ 77 KB
5 KB 57ms
57ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/sdf-button.e94dd25498.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e94dd2549875419a2368a61b62760edd9ce08ed6b8f5811c94dfee82b8e9dc57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:26 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 20:43:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573701
etag: W/"ca446b74199a42d4d13ae89e5d14f5d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: 6ePpO4AEcEZ95f3s6W8n7a9OoOwI0qedPMVm1m370RJrEjotw56Tpw==

OPTIONS
H2 200 message
dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/ Frame 0
0 306ms
140ms Preflight
text/plain 34.238.93.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.93.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-93-48.compute-1.amazonaws.com
Software: Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://online.adp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-method: GET
access-control-allow-origin: https://online.adp.com
allow: POST,GET,HEAD
content-length: 13
content-type: text/plain; charset=utf-8
date: Wed, 15 May 2024 19:04:46 GMT
etag: W/"d-BVyHhJ9/eETU1VqxhQuV1zTNV1Q"
server: Server
x-amz-apigw-id: X04UTGrqoAMFckA=
x-amzn-remapped-content-length: 13
x-amzn-requestid: b9259714-3bfe-4e25-826b-03c76d102ce7
x-amzn-trace-id: Root=1-6645074e-7a5e60e5114513dd32f34e03;Parent=4cb62287788753cc;Sampled=0;lineage=acbb3dc0:0

GET
H2 204 message Show response
dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/ 0
268 B 146ms
145ms XHR
text/plain 34.238.93.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits
Requested by: Host: online.adp.com
URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.93.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-93-48.compute-1.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://online.adp.com
etag: W/"1f-jE14kt90G2Cmv7GbvbSrc4y77Hw"
date: Wed, 15 May 2024 19:04:46 GMT
server: Server
x-amzn-trace-id: Root=1-6645074e-206168de37710b4d7ffdab0e;Parent=2eca6df425f11689;Sampled=0;lineage=acbb3dc0:0
x-amzn-requestid: 290e9038-f42b-4d51-bf53-449a0d879eb2
x-amz-apigw-id: X04UUEfhoAMFoQQ=

GET
H/1.1 200
OK 0V0HxW-NaskWvIaO Show response
image.online.adp.com/ Frame 83BC 19 KB
6 KB 41ms
41ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/0V0HxW-NaskWvIaO?e01a9ea941ab345f=28249MELzXcq4SleXai76xG3XiMGK4nrHad0E9gdku4ttAoBmNKEqdVE26iPflpexUlfO0DBgEp356OGF0MSKMgAveXgv4Pql8a0XfAZ_6Ws-OsEDXpQINXifUi0MgsogF_ta_3ezmM&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: image.online.adp.com
URL: https://image.online.adp.com/IuG5sxIDzRcWy9I2?900764987f1095c4=DS7zqrpegqCDz2I4kVcgqkMHueGGKZVjrxrHqSCuw-47e61tXUI1QrDOzfPwnIsjrI0BY7uEedv7NpGrAL158eiPXOMWDsiVJYk0MfjRAO25tTEHQJ2S0w1S-UihZc9JZIgJkRdge6KJKqTCo0Z4NXrKFtr8gUy7Ykb4z6NfuGDDWCpD_aSQqIwvVt11jynh&jb=35312e2e68736f753f57636e666f77712e627b673d5f696e64677f7b273230313326607360753d41607a6765652e6a7362354b60706f6d6527323a313034

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

57c325b5ae817ebada4835cbb286a03cb60e8bc28857e4ec10c28f814ccf7ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5895
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 May 2024 19:04:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
image.online.adp.com/fp/ Frame 38CC 81 B
530 B 121ms
40ms XHR
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: */*, 7dwbnfjp/5f24caccc1d0f2b44yxmwpuqfpk1715799885814
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 15 May 2024 19:04:46 GMT
Server: Apache
Etag: 241685a6de334215890e1ee57d6e421a
Content-Type: image/png
Access-Control-Allow-Origin: https://online.adp.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 14 May 2029 19:04:46 GMT

GET
H/1.1

204
No Content

uh49qtl8mU1lpFuQ Show response
h.online-metrix.net/ Frame 38CC
Redirect Chain

https://h.online-metrix.net/uh49qtl8mU1lpFuQ?533e89f9d1cfe29c=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF1w1Vz6jwL6pYwZMeVY-...
https://h.online-metrix.net/uh49qtl8mU1lpFuQ?90a2e3fa39cc4409=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF18oOvRRVb_X9eoPq3i3...

0
387 B

39ms
39ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/uh49qtl8mU1lpFuQ?90a2e3fa39cc4409=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF18oOvRRVb_X9eoPq3i3V6pM&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/uh49qtl8mU1lpFuQ?90a2e3fa39cc4409=ejSOwnG-nnWOyDgGMs5USIYy9CU9MV_OJJGfC4HjG_JwgHVQcedh1AtEQ74QOnqWubAgRfCzdwHwRFFs8fTsH0PP1aSUU25UpV7Rqku59KAoctOWa7sF18oOvRRVb_X9eoPq3i3V6pM&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK Pjy-k2178cC49Gr2 Show response
image.online.adp.com/ Frame A451 91 KB
14 KB 51ms
43ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/Pjy-k2178cC49Gr2?8234a44af7df005f=9NvVVWFYAahCtzfOf4N8WNSqKoTTnOLTRtHLyS-UooMKXVNqWs-D9VguA5atKrh_Y6vRulFWLCA6z3C5euJvNY7i2bxYiZoMc_pFp9Kz9VvqAGSIpgQvJeqMGhyby9Kamaz107Dvh_fFzWCqEVQCAB4IQc7Y79aO-e0TCoQ9suLtG1FOVtxRSQebXRiNGtANrd0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ff4856064457fd45078a65030cfebc84b3f65601249790fc5f9ca65eb01368a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 May 2024 19:04:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content O4Jy-7wtcm9XvMEe Show response
image.online.adp.com/ Frame 38CC 0
387 B 69ms
40ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK eRZrmvRdyXYba714
h.online-metrix.net/ Frame 9B95 0
0 144ms
44ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/eRZrmvRdyXYba714?cc7bf983c8e8bf84=gu2L9wMOGA3k69fPqLSEGfqdBle82LgDuKSNsNbk9KoZK6pwSJlJGbWR99Tz6a7qyqTpPj48QeI3F0b0GaGLcOxQhY6lpOyoWiIgH7EiBt9MmRzViexneR5SjD_V2rW5ma98zxlrSCa_WrjlxH3x0JONuPc39vdaBwhbv5ZJCb5nb6bj2D1xso_BSHU1-wI_T1dY

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 May 2024 19:04:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK C7Cc1XlUTapV_X_E Show response
image.online.adp.com/ Frame 013E 91 KB
14 KB 51ms
44ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/C7Cc1XlUTapV_X_E?894b34c0424ed197=IvjvnNci6ivMIVRCftrR1RAkCKVD6p_MJRyspe-gnu7Yr4Eq3tvcAnVF2LeohJKAU3_MIoo_MQH8A9uqY_nqcvJlaEYWYLkscw2H8ByRCvd2XrDN7WkyDqGb8AIkJnHcYWiftmymvt4khuSVOyScU1pcEBxCFdIV5xwIlSp020PkS14fzMWVGSAz8us5TFRWPUld

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ab801bff7a2e296d4e3190492b30ad02c2145c2a9130975a36cbd11ced81c12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.adp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 May 2024 19:04:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 O4Jy-7wtcm9XvMEe Show response
image.online.adp.com/ Frame 38CC 0
218 B 93ms
41ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/O4Jy-7wtcm9XvMEe?c04bdea5629c1999=tF7NvIIeimd454f3tVaQu9Et2FGdAYL3rqCLbqZzYQ78ZET9SWAfdEHPDTXGJ0x_xuV9_h0e2yFBb0cARTlMaDT7GLr3pJVGgKcxhXdBtXNUUDdV5uhmydxWwyo6K6XhgV9YP-hWfas&ja=323930382426633d34302c7a3f3630246e35393e303878313238382e63663d3134303a78333230322e7b70713d3935323070393935302664727237312e3136323824393a30382c3136383824333230302e313c30322c3130383824393638302c313a38382e313532322c3b313530266f7c353a3f663d316433393c316736626630303362343662663b303f6a30696633633c2e656c3d322671636e3d3034266e6035607c7478732533492d3a442532466d6e66696c652e636c78266b6f652532467b616f6c696e2530467c31273246273b4e495850414425334c5c697a43726566697e73273236727a676c7d637c4964253b4c30326533303b63392d35303830256a696d31256530353b253b3730353431306835363935273a3e7a6d747d726e555a442d3144687476707925314125304e2d3a4e746b732e616c7826616f6d2530467a75606c69612d3a4e616e6c65782e607c6527323663636c66696c67417278416c2d334c5461784b7a6d666974732470663d3726706a356d3038326c6661353d3d393b33663467626f383b3933676a3c6931393a3930642e60603f6536633b6369363a6133676c303d6a303f3666306b3a3b303532383a343a663b266a7167355f616e6c6f77732d3a383331266a716237436a726f6f6d2d3a38313a34266a7b677d3f57696e666f7d73246a73607d354b6072676d652666606b3f3137266c64673d3a266e6f7c783538267c7a643d4d7d7a6d70652530464865706c696c2e65697c687a3d3430383b6c3363326267633a32673663613d3e3838383a6164313d3d3c3231666436353238333431663e6d6969323c6463393c696e60643732313139313b3661246c7a3560747c7073253b492d30462532446f646c6b6e652c696c782663676d25324e6764722532466d6c7a6c636e646b666f266074656c25334e49585249442531445e415a4352474c415c5b26783d706c7d6f616c5f666c6373622537456663647b6d29706475676966577f6b6e646f7573556d6764696357786469796d7225354d6e696e736521726c7f676b6e5f636c676a6d5f6963726f6a697c27354566636c796523706c776f616657717d69636b7c616567253545646166736721706e7d6f61665f7b686f63637f697465253547666b6c71652172647d6f616e577265616478646379657227354f66636c73672978647d67616e5f76646b57726c617967722f354766616e7b6d29786c7d67696e576c6d74616c7670253f4564616c716d297864756f696e5f7b7e6f5d7669657565782537456663647b6d2970647567696657626376612537456c616e7365246f64576b3d7f656267645f6d60474c2530303b2e322532322047786d6e4f4c2532384d5b273230322c302f32324368706765617d6d215765624f442d3030474c514c2f32324553273a383926302d32302847786d6c474c2530304f5327323045445b442d32384553253a38392c302532324362726d6d697765215f6d62436974576d6a436b74253232576f62454c414c4f444d576966737461666b6d665f617270617373273342273a384d505457626c65666c576f696e6d63782f33402532324d505c57636469705f6b676676726f6c273348253030455a5c576b676c67725f627d6e6e67725f68636c6c5f646c6f637c2d3b4a253a3045585c576c677074685d6366616f7025314a2d3a384550545f66646769765f626c676e6e2531422530384d505c5f6e726167576c6d7274682531422f323245585657786764796f6f6e5f676e6e7165745f616c6b6d722533402d3a384d585c5f7368696c6d705f74657a747f72675f6c6d6c2d3b4a253a3045585c577c67787475706555636d6d70706d7b7b616f665f62707c6b2d31422532324552545d74657a7c7d7a6d5f6b6f6d707a6d7b71696f6e5d726d74612533402d3a384d585c5f7465707c7d70655f666b6c7e65705f616c617b677c72677069632d3b4a273230455a545574677874777a6d5765697a726f72576b64636d705f766f5565666765273b4a2d3a304d58545f7b5a4f4025334227323a4f47535f67646d656d6e7c5f696e6c6d705d75696e762539422732304d4d5b576e62675f7265666c6d705f6d69726d6b70273342273a38474d5357737461666c6970645f6467726376637469746d7b2d3b422d32304f4d5b577665787477726f5f646c6f637c2d3b4a253a304f455b577c67787475706555666e6f61765764616665697225334a2d3a324f45535d746f7876757267576069646657666c6f697c2d31422532324f4f535d74657a7c7d7a6d5f60616c66576e646d61745f6e696465637225314a2d3a384f4d535f766d7a7c67785f6170726b795d6f62686d6b7c2d334a2532305f4d4a454c5f636d6c65725d6275646e6d7a5766646f61742d3b4a2732305747424d4c5d636f6f787a6d7b736d645f746d707c7772655f63737e63273342273a385f4d424f4c5f636765787065737367645574677874777a6d576d746b2533422d3a38554542474e5f696f6f7072677b7b6d6c5f7c6578747d7a6d5d65746333253942273230554d4a4f445f6b6f6d707a6d7b7165645f766572747772655d7b3b7c6b253b422532385f4d40474c5f616f6770706573716d6c577c65707475726d577b3174635f71726d62273342273a385f4d424f4c5f646d6a7d655f72656c646f7267725f6b666e672d334a2532305f4d4a454c5f6467627f675d7368636c6d7a7b253b422532385f4d40474c5f66657a746a5f7467707c7d7a652d3342253a385f4742474c5d647861755f62776e6e6d7a732d3342253a385f4742474c5d6c6573675f636d667c6d70742d3342253a385f4742474c5d6d7f6c76695f667a697f2d334a2532305f4d4a454c5f706d6c73676d6e5f6f676c6d39362e676c5f603530346633633a346b3835316236306d696c383c3639616c3c6935623563343032623a6164373d393e2e776f6c763d41667c676c2532324964632c267765647a35416e7c656c253a38417069732530304570676e474e2d3a384d6e6f696e65&jb=313d382e6e713d4d6d7a636c6e6125304e3d2638253a30285761666c6d77732530304454273230333826382d334a2532305f616634342533402538307a36342b2d3a384970786c65576d6a436b742532443539372c3336273a382043485c4d4c253a4b2d30306c6969652f32324765616367212d323843687267656d27324631303424302c302e322d3a385b616e6172692d3a4e3733372e3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK YgItSP2FYnQVP10b
7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net/ Frame 38CC 81 B
438 B 155ms
41ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net/YgItSP2FYnQVP10b?cb3f2ab253fd3002=VA5cFaiW9GDg9EIBZdSXpy4oUkA4-38TLTff348CxDWY6Y7ae_Nc7S0UElcjc3zDpTvFWmJuDC1Et-xQ4eYOI80BWhXa7rhhyyy7h0uuaivoDEhR7yEfqHb8FU10W5o0HPMgb6YXSNqXWFkkQq2u

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK wa7As463RUfA5Vek Show response
image.online.adp.com/ Frame 83BC 210 KB
29 KB 48ms
47ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/wa7As463RUfA5Vek?eeaa42c1aa40ee1b=GVmF7ArHuS6-BQUNKoCnvutEk_rH3sMDOqh2me7LZCp71HeckofUEV1T19vA4sz6C4RYUd1tV_gdJ3CnFNwZxdrGnzz5Mzwe6AXh3UwKJvkdRmWMjDZT2qMoouMYPxZ1E2mChELZstoycHugerrX7NnlWDZl

Requested by

Host: image.online.adp.com
URL: https://image.online.adp.com/0V0HxW-NaskWvIaO?e01a9ea941ab345f=28249MELzXcq4SleXai76xG3XiMGK4nrHad0E9gdku4ttAoBmNKEqdVE26iPflpexUlfO0DBgEp356OGF0MSKMgAveXgv4Pql8a0XfAZ_6Ws-OsEDXpQINXifUi0MgsogF_ta_3ezmM&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

c5e797758a590fce48ad68974ba2483b15a602b62a937cf551236db594c03646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://image.online.adp.com/0V0HxW-NaskWvIaO?e01a9ea941ab345f=28249MELzXcq4SleXai76xG3XiMGK4nrHad0E9gdku4ttAoBmNKEqdVE26iPflpexUlfO0DBgEp356OGF0MSKMgAveXgv4Pql8a0XfAZ_6Ws-OsEDXpQINXifUi0MgsogF_ta_3ezmM&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 5f24caccc1d0f2b4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 4qJrgq8dgOwhcrek Show response
image.online.adp.com/ Frame 38CC 0
218 B 41ms
41ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/4qJrgq8dgOwhcrek?5525533dd71fa7a7=jy_qcE0MeSV69GjFLCkiBkSgW2bWT9XM6NkEXRCt5ZlfoaoCuPIBmBBQ91dp0aJz_HWmD3lo6tblsoB3j9XNSv9Q8IbqZ4p5avbLT4yg1yRHf1QYhu3f11mRIhUWy0bM_kth9mGv_hc290IrR1psdDtUeqgy_Pl9wUNhjgy5_6fjhDfQOIZTaiEwUiHd10CzE0I&jac=1&je=383c2e2e6f6564683f283925304331273a4b3b2d324b3938343f31306661346533333d356032373030386b39643b6235336b3139303532613b353e34633636603c6e3138303a3266323f30693531376236393f32633229

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 sdf-checkbox.97a9944a0a.js Show response
synerg.adp.com/themes/one/ 4 KB
1 KB 39ms
39ms Script
application/javascript 2600:9000:275d:b800:1e:d968:7dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synerg.adp.com/themes/one/sdf-checkbox.97a9944a0a.js
Requested by: Host: synerg.adp.com
URL: https://synerg.adp.com/config/synerg-config-3.20.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:b800:1e:d968:7dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97a9944a0a295babed3d06cf7c980e57c9165e7dd749f7e8d919037da9c5ec45

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Origin: https://online.adp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 03:16:27 GMT
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 03:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 7573700
etag: W/"193f2e10e31bb4804b3b4c1e14e905f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amz-cf-id: xTkofvDf7Kt0K_XgyFKthkOajVSHDROfzlAb4J0jJDGj_acuyy07bQ==

GET
H/1.1 204
No Content _LmfqqKmAUMaYAYw Show response
image.online.adp.com/ Frame A451 0
387 B 40ms
40ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/_LmfqqKmAUMaYAYw?16226884e78f13b6=G__PWS7CElbuBDK2eaccU6qL4QU9IGvuBi1c3Yi1wvydu8v5c4RatjfX7D2sO7s2DFQ9QRJDe2ncpWKlAewfcaVuG3nkaV38mEqNCjALCyeJC62H-g6HkXNmsXsNKw2RvgKOfPjjrlI&jf=333e2e6471623d6236353f6266376632303e3e3c396c3762656a303a6031303767383332673437

Requested by

Host: image.online.adp.com
URL: https://image.online.adp.com/Pjy-k2178cC49Gr2?8234a44af7df005f=9NvVVWFYAahCtzfOf4N8WNSqKoTTnOLTRtHLyS-UooMKXVNqWs-D9VguA5atKrh_Y6vRulFWLCA6z3C5euJvNY7i2bxYiZoMc_pFp9Kz9VvqAGSIpgQvJeqMGhyby9Kamaz107Dvh_fFzWCqEVQCAB4IQc7Y79aO-e0TCoQ9suLtG1FOVtxRSQebXRiNGtANrd0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://image.online.adp.com/Pjy-k2178cC49Gr2?8234a44af7df005f=9NvVVWFYAahCtzfOf4N8WNSqKoTTnOLTRtHLyS-UooMKXVNqWs-D9VguA5atKrh_Y6vRulFWLCA6z3C5euJvNY7i2bxYiZoMc_pFp9Kz9VvqAGSIpgQvJeqMGhyby9Kamaz107Dvh_fFzWCqEVQCAB4IQc7Y79aO-e0TCoQ9suLtG1FOVtxRSQebXRiNGtANrd0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 iR2RWep8wC_GCGKh
image.online.adp.com/ Frame 38CC 0
400 B 43ms
43ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.online.adp.com/iR2RWep8wC_GCGKh?18fbcf7c8e54288b=TUWuxlhZe20i1nGbWHvHL42JkKP3PXshusnDHdyIVuCQ5W-2gkjkGv8hY3V_kxncwCWtpbWSsVHjubtOKbCt2MFqJULAamgof_3VXnhRRvBJ9ytoPnQAHHHc9r3UTf4ijWCN3aaoRSAd6GvsBth6mxRLU85YzUk_31C8a2M02dHVNFaJXZqcWjO25O9pDr66Z2U&jf=3439302e7169645f706e6e3d7664725d4952474c774a4567337f417848427048247363645d6461766d35393f313d37393930303e247369645d747370673d77676a326d6b647b612673616c576965793d31303f3931303131383e383f3269383634306b6d3164303232313a3632383263303e3c30636d3364303b38393237303336323a3032343435383e6c6a66386534653c393c3037623061373d63633938353f3d6a3e663f333739693b693138336366663a373b3633606a3e693865386365636a3e6c6437356431633331373766663b6a6c6a38306231343c3b693263613237313d343a38313b3a38386b643a3866323c3f303463623360396e3037396335383f3e6964692673696c577b6b673d3332343c3030323132386b6b6b366b3034656d306d3a32313235656962663263353f6a3e6b6631356230313e386330386330303a6164613234306e3d6e35693730656d693a373266353430383233303067316a303d636e3165323d3a316161396660666c663b31323139313f6e3539626664393e3c6333616236363d65606463633a3c6b6c666c30393931303f6639322671696c723f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s_nwlRUTzKM8tEVp Show response
image.online.adp.com/ Frame 83BC 35 B
557 B 42ms
41ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://image.online.adp.com/s_nwlRUTzKM8tEVp?f8a162d8b8a74d28=gCCtc5a1y-8WiEVQsDDgqD0AebBqAOvFKIuRVa_fMFhPXPB-BdgWfiuJ6o4eWoXH8lCaZGD2SUHEpVSXzVbXE3xyLGM0SJypp1T4NpoovCWzCqQmUeL5vUTb4lTjXgrfXzSHK_QmNmv9RzlJHy6hxUTLfiyG3wh7BWmY8Ye4RLYpbmAXMLjoonfP2kRpqM1clYlYHkStn9E&sera_parametere=UxYPVQUEW1BaBlECXgFSBgxWAQMHV1ABUgQHAAJXUgVTU1MFBQJXWgJXUhYVQV9dWxZHQBBEUCdGBiYVUXZHBgUMQVEPBA4GDUUXFVV2RwN3VhcDJ0RRUwteF0QVF1FwEFFwEVQlRQcKDAFTUQRSBwxSAAMBAltUBVAAUgIGWlYDAgcBUVZWUVFSVwBWUVIABQQUWgwPAAZeBAICUlEDV1YFA1BTB1EBVxcOQ1sCGlIHUgZSW1AFAlJQUlIHB1pWUFdRAQICBVRaVVdTAwRWBwEFAAEGVlFFAlhZAVcEUwYTD1sJTlBFEwoMXQlfC1oSXQ0PEgFcIAsRXglVQFAUCQRUBhIBDhBeNFgKVAlFERJWBA9ABxs8AAJdCFIHUQkSUBIPAVI%3D&count=0&max=0

Requested by

Host: image.online.adp.com
URL: https://image.online.adp.com/wa7As463RUfA5Vek?eeaa42c1aa40ee1b=GVmF7ArHuS6-BQUNKoCnvutEk_rH3sMDOqh2me7LZCp71HeckofUEV1T19vA4sz6C4RYUd1tV_gdJ3CnFNwZxdrGnzz5Mzwe6AXh3UwKJvkdRmWMjDZT2qMoouMYPxZ1E2mChELZstoycHugerrX7NnlWDZl

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7413182be8620b8d7d55849a0cd469be32fb16c592d00a32810d3fbd9e109f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://image.online.adp.com/0V0HxW-NaskWvIaO?e01a9ea941ab345f=28249MELzXcq4SleXai76xG3XiMGK4nrHad0E9gdku4ttAoBmNKEqdVE26iPflpexUlfO0DBgEp356OGF0MSKMgAveXgv4Pql8a0XfAZ_6Ws-OsEDXpQINXifUi0MgsogF_ta_3ezmM&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content O4Jy-7wtcm9XvMEe Show response
image.online.adp.com/ Frame 38CC 0
387 B 40ms
40ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://online.adp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dyn-msg-service.prod.adp.com
URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits

Domain: dyn-msg-service.prod.adp.com
URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits

Domain: dyn-msg-service.prod.adp.com
URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits

Domain: dyn-msg-service.prod.adp.com
URL: https://dyn-msg-service.prod.adp.com/api/dyn-msg-service/v1/message?callingAppId=TaxCredits

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tcs.adp.com/	1969-12-31 23:59:59	Name: BIGipServerp_tcs.adp.com_web Value: 249888779.9255.0000
.adp.com/	1970-01-21 06:12:39	Name: k8Ksj346 Value: A-iCpH2PAQAA-A9GYvQtQzVooeTX8iFJOM10yx64rDRbGjZJfm3l1mrVADEOAVD_B2WucgzkwH8AAEB3AAAAAA\|1\|0\|f60882a26a5ddac276e1e9892486fbd48f3e8322
online.adp.com/	1970-01-21 05:22:36	Name: Value: MUXhui9c
.adp.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: e5ab7679-4c66-4f4a-aa18-480f9bd62892
image.online.adp.com/	1970-01-21 06:12:39	Name: thx_guid Value: 4621d53658a40e733f5ff7755f49ae5b
.adp.com/	1970-01-21 06:12:39	Name: ADPLangLocaleCookie Value: en_US
h.online-metrix.net/	1970-01-21 06:12:39	Name: thx_global_guid Value: f0cd0794df85430781ef5692d28d345e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AIAroH2PAQAAHtczGpS8xHHwEA9yIxFi34w_90zTUV-FMOb22P2zX-yap-K_&X-zuY25QsG--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.adp.com/signin/v1/?APPID=TaxCredits&productId=80e309c3-7082-bae1-e053-3505430b5495&returnURL=https://tcs.adp.com/public/index.htm&callingAppId=TaxCredits Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7dwbnfjpd366bbemi5ueczrgforf6kdi5tusofox5f24caccc1d0f2b4am1.e.aa.online-metrix.net
cdn.pendo.io
data.pendo.io
dyn-msg-service.prod.adp.com
h.online-metrix.net
image.online.adp.com
online.adp.com
ponos.zeronaught.com
synerg.adp.com
tcs.adp.com
dyn-msg-service.prod.adp.com
107.162.179.174
170.146.93.133
2600:9000:275d:b800:1e:d968:7dc0:93a1
34.107.204.85
34.238.93.48
34.36.213.229
52.44.46.192
91.235.132.130
91.235.134.131
91.235.134.25
033afcd324350b7a1701e0aaa793702aa3b34a72923db2624dfe7caefa34121e
03ba78cb25761a27a1490be9cf903f0849f995601ea0ede1a43b7847c6ecd3fb
0d59594d6e8a2ec12ee1937cae157c8367e37c601f8cbfe796d9311eac725448
1474e44b8753b545445ae863369e07fd9beac072410ea31743bd2c83f563af7a
14d480e7c58656fbb8cd031d3feb3a4c1d12c849d37211553437e426a7b6d4f2
15d40cd99e2da27b2c90e7c31eb4e129c44f19170f9a8e64dd550a03ba0cc4d8
1c4c1489cf2485b870342eea557799661a7d4a1a6f73fc10a41bdd3d59bd6aec
1ce36de2e2e7e2cb206a31ce5811c2d16afef853e3eff4f52c877dc44c15d411
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
2696ede43575a058d66aa68c8f90894f1554d1eb6a6349dfd494fd6b13a826a7
2cee66087f92ce81a99448143e1364242ff2a3b6769dc1cded8ac34a4782b33c
343bdd26d9e97624f7192256a7ea3b3dd56fff0ee15ce798806876e64dd77aaf
414567bb49f05c82ae4e2208d2e9eaabbda830ddd169ca2ff25790c1ca3d1629
418360b87ebccbfb0c9ced1b0d81150ff76268f27bc5f2da0402a0ab931e6924
44850de8652852512d7bb7625dbf80d6c74a7cb8de330ce306d9e18fe24cc4de
4bb5b859587d33e2711703d531479de076f97a369151c7ae07e5d17ce1e1b8c8
4c1a30c7475d87dfcd5010a2a3cbc8d6bf16427f5a1f6d788ef3ce904083da8b
4e69b13a94e364bed98ba28fbc79730e87006543f37f269f21d82359d4122a8e
50b0244ef4e6cf78b0b2ee2073c567b21b608eca914d362dea898268416430bb
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5172acd46befc46ab786a1dbfb45000816b50be4f8b4a5e1d675dc98919dec5a
57c325b5ae817ebada4835cbb286a03cb60e8bc28857e4ec10c28f814ccf7ce9
57c7c06e8b3fe39e2b21a4e2b8a5df7d339c8d01a1d549fb60c3e91fa11c3ab9
5d04d9057fb10dc91f5e71e42baf1d19f20b75d13c8f282f751e40e6793ea50d
5faefef6c95457ad34b8ddc76cf42f5237dbbfdfb9782d5007ef7f4ea59409c6
71e37a4a28a6c98b61f8bfb3a4af995a01ecd2d1427aa4c7ebedae19ec01ac03
739aa62246d0da3c2fbefe858f4793ebbb44f7c811de99cb585a714e32362ca1
73ff5a527b54d6edc0055f4da2f5029f3222da5dd26ffeb6ae750932200e9d53
7413182be8620b8d7d55849a0cd469be32fb16c592d00a32810d3fbd9e109f8b
7621d603e87b2ec681fff75b5cbe62ecd867991ff420359532dab93cbd4d334f
7a1e50d1786d26aa029aa0142df37416c1a9221e4adde8eeae7788cca74ea0c4
8002a8df813d4cd0bdcc40573c60ebfe38755427fb9ef16ff6c37afd85c9d2e6
80def75f48ccfd581ba4d738ba8ae14f27cf8c6ae92228fb9174df4f5a6987d1
832b6bfd89a3b79238d1e5b7984a70dd28dfd69e4e37a2a6dfeeeeff31a7675f
860dd89046abef162a52351304a34ef2c9e152148c4508cdc3effddc5dcfb640
87d3ca0f7f836c7c0b83df366ad265325577cda80eb302612605818621be665e
8c5d2b56bc6086e5a66f1428410bfa985044f20e2cc7d563dffb672a78388a02
8fe452d74d68ceba4e7f24ed7da5b9a0a1018b41c7a45796d9f38b562228106a
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97a9944a0a295babed3d06cf7c980e57c9165e7dd749f7e8d919037da9c5ec45
9bab147e9897086b27b3f5f5c1af30be1fa3678b9c6bd0e71b2835a0c6884a55
a7ab75faf22b4c8c35b43e7abcf66bd33e3de1ff93237d8faf035da7ccf8ea4b
ab6c5333b1196748771f7a382a966747cc1f21ea130a2c1b2368e221dab6e305
ab801bff7a2e296d4e3190492b30ad02c2145c2a9130975a36cbd11ced81c12a
abbc8442e6a195cbbb0c9860750e14f37ba751fce4eabf0974e2974bc4e7674f
b92cb76bcecdcb627bcebbb37cb6ce86cbb1a9e51a20fac0280f07de5216281f
ba6f74759eb054a514b87365e1a4383a0e8d2db92adb55c0633afc3dd3f58b2f
bbdfe2ce24bf0a9ac1d5f9ef8f9c4aba1a69f8b4966d628cea2786ac51e7fd47
be4f4a70ace157a349e09ed78a0f5f9916aa8801e0d69d188f11472d38f9510e
bebb85995f0e9efe38fddddd949facc4ec3c8d237dd55ea453fcea6d4e64fbf7
c286dec985e3b7dbc191f8f763ded1b6db5be126927c818962478b07789a0e3c
c5e797758a590fce48ad68974ba2483b15a602b62a937cf551236db594c03646
d34eb6787c5b2d7a7aa8337c8f7067fa74c773498b70dd3cb5cbaea81c3218f1
d4c7bde9e51770f84eedb2f86ef50df3fcce637a916f912208f2f06e2b517902
d867ba644c158908ac46a9e94231adc080d185bacd3c01dd93e819f2d3365b9b
d921f145baf2b91de4e91d29deaae8be491ee7bacbbdc8a2d887b21066015679
db97a4db63cb690a494334cbb47f47e3176c6aa3134d4dc52e4bbb4357e25cbc
df7069893e99a7ab00720402ec3249023ea35ef37fe7c20d856a8bfd31a0e1b1
e203c1980a309634e34c40a837825c7c0c75adfefc3395c9cb6a9341795b950e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94dd2549875419a2368a61b62760edd9ce08ed6b8f5811c94dfee82b8e9dc57
ed2855d30cd98894bbbf680af7bf98812e75ca8cbe94f1e4f68137946d5f4de4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29
f647231bd77a3ce2a43dd7c7a8118c6ae82224b3297624a054fbc979da5dbcf8
ff4856064457fd45078a65030cfebc84b3f65601249790fc5f9ca65eb01368a0

online.adp.com Open in urlscan Pro 52.44.46.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

83 Requests

93 %HTTPS

10 %IPv6

4 Domains

10 Subdomains

10 IPs

1 Countries

1664 kBTransfer

6534 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

online.adp.com Open in urlscan Pro
52.44.46.192 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

93 %
HTTPS

10 %
IPv6

4
Domains

10
Subdomains

10
IPs

1
Countries

1664 kB
Transfer

6534 kB
Size

7
Cookies

83 HTTP transactions
1 data transactions