secure.payrollbytempus.com Open in urlscan Pro
3.104.237.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.payrollbytempus.com/
Submission: On August 23 via automatic, source certstream-suspicious (August 23rd 2023, 3:05:30 am UTC) — Scanned from AU

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 54 HTTP transactions. The main IP is 3.104.237.19, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is secure.payrollbytempus.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 23rd 2023. Valid for: a year.

This is the only time secure.payrollbytempus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	3.104.237.19 3.104.237.19	16509 (AMAZON-02) (AMAZON-02)
2	16.182.71.169 16.182.71.169	16509 (AMAZON-02) (AMAZON-02)
4	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.4.104 142.250.4.104	15169 (GOOGLE) (GOOGLE)
2	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
1	104.16.228.232 104.16.228.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.68.121 18.155.68.121	16509 (AMAZON-02) (AMAZON-02)
5	172.253.118.100 172.253.118.100	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
1	42.99.140.187 42.99.140.187	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	104.18.141.83 104.18.141.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.84.251.84 52.84.251.84	16509 (AMAZON-02) (AMAZON-02)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
54	17

27 3.104.237.19 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

secure.payrollbytempus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.182.71.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

keypay-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.228.232 (None, )

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-121.sin52.r.cloudfront.net

cdn.raygun.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.118.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.187 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-187.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.141.83 (None, )

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

your-payroll.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.251.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-84.sin5.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	payrollbytempus.com secure.payrollbytempus.com	655 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
5	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2385 ekr.zdassets.com — Cisco Umbrella Rank: 2709	283 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 421 www.linkedin.com — Cisco Umbrella Rank: 686	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	113 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9410 prism.app-us1.com — Cisco Umbrella Rank: 9494	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	151 KB
2	amazonaws.com keypay-prod.s3.amazonaws.com	148 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1154	369 B
1	zendesk.com your-payroll.zendesk.com	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1072	5 KB
1	gstatic.com www.gstatic.com	182 KB
1	raygun.io cdn.raygun.io — Cisco Umbrella Rank: 11118	21 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 10667	353 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	874 B
54	16

	Domain	Requested by
27	secure.payrollbytempus.com	secure.payrollbytempus.com
5	www.google-analytics.com	secure.payrollbytempus.com cdn.raygun.io www.googletagmanager.com
4	static.zdassets.com	secure.payrollbytempus.com static.zdassets.com
3	px.ads.linkedin.com	2 redirects secure.payrollbytempus.com
2	connect.facebook.net	secure.payrollbytempus.com connect.facebook.net
2	www.googletagmanager.com	secure.payrollbytempus.com www.google-analytics.com
2	keypay-prod.s3.amazonaws.com	secure.payrollbytempus.com
1	www.facebook.com	secure.payrollbytempus.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	cdn.raygun.io
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	your-payroll.zendesk.com	static.zdassets.com
1	diffuser-cdn.app-us1.com	secure.payrollbytempus.com
1	snap.licdn.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.raygun.io	secure.payrollbytempus.com
1	hello.myfonts.net	secure.payrollbytempus.com
1	www.google.com	secure.payrollbytempus.com
54	19

This site contains no links.

Subject Issuer	Validity	Valid
secure.payrollbytempus.com Amazon RSA 2048 M02	`2023-08-23` - `2024-09-21`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
*.raygun.io Amazon RSA 2048 M02	`2022-10-11` - `2023-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
your-payroll.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-03`	a year	crt.sh
prism.app-us1.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://secure.payrollbytempus.com/
Frame ID: A9536CDA3FAD50B7C8593C59DD8B8DB5
Requests: 50 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1a67289.js
Frame ID: A4ADF956FA22C87ED1A8C2065FB54059
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tempus

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

98 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

17
IPs

5
Countries

1589 kB
Transfer

4529 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D447433%26time%3D1692759924332%26url%3Dhttps%253A%252F%252Fsecure.payrollbytempus.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true&liSync=true

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.payrollbytempus.com/ 40 KB
15 KB 871ms
312ms Document
text/html 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3e62926c7dd498d3c32dd85aeba45bb0961081eeb0accc4b7de5dba580826f8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.yourpayroll.com.au ;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 13676
content-security-policy: frame-ancestors 'self' *.yourpayroll.com.au ;
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 03:05:17 GMT
expires: -1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
secure.payrollbytempus.com/Content/themes/base/ 25 KB
9 KB 114ms
112ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/themes/base/css?v=dTzABYrUJItGr8xilE5wN5D0a4brIbttX9jHLrrbpbE1

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5a5b5482ca7491bbb7b166fc0e4e5e84c3c48ab39954dd9e9f61dcc2fa080eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 7796
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 appbs3
secure.payrollbytempus.com/Content/ 125 KB
30 KB 117ms
114ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/appbs3?v=YJfVqLLNP9xSCJY1c5gddynGq35iZ1tX4iPhh5LRFeo1

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

34f8bfba27459d1ddaeb1b3334a64be310b55d791d5ebcaf6de9949944f9de7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 29356
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 app
secure.payrollbytempus.com/Content/ 123 KB
34 KB 211ms
209ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f25b0328cfe542bcfd4c2ff6f910dc57603bf1238d019b3a42bb4d20130ea3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 33197
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 main
secure.payrollbytempus.com/Content/scss/ 64 KB
14 KB 212ms
210ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/scss/main?v=0-PNdkMF0iDHRamX2zCp7Apj8Iymx3BT7-RU_zUdAo81

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e65a7a16e5203e7de55fb9fedc1465f61f00fc54cf5e202b925caeebd5727abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 13587
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 appbs5
secure.payrollbytempus.com/Content/ 78 KB
15 KB 213ms
210ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/appbs5?v=4DBxguFbfin1S8uZEcSCiCNZp057QYSXu1tadsDOXM01

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fc8b64a96000e48adaba81bde84eeb90294fd8226567bc77b9dfb2f4a75c2fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 14670
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 themecss
secure.payrollbytempus.com/Content/KeypayTheme/ 15 KB
5 KB 210ms
208ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/KeypayTheme/themecss?v=UhPZG9pcZZ4vj2BzCe3vgWYJDEnEpk_NRtMeOpol7I01

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

845f73fbfd6411eff6342196d34e806e89e553422e22fd511f2ab1cb2770aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public
content-length: 4350
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2024 03:05:17 GMT

GET
H2 200 Resx Show response
secure.payrollbytempus.com/HeaderScripts/ 20 KB
6 KB 306ms
304ms Script
text/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/HeaderScripts/Resx?contextId=W2822

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fdb5be3febaa9fb091d60ab5775fe154cd0054faf8e054dfc5fdd393e23428ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.yourpayroll.com.au ;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
content-security-policy: frame-ancestors 'self' *.yourpayroll.com.au ;
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, max-age=7200
content-length: 5062
x-xss-protection: 1; mode=block
expires: Thu, 24 Aug 2023 03:05:17 GMT

GET
H2 200 BrandedKeyPayTheme
secure.payrollbytempus.com/Public/ 88 KB
20 KB 363ms
361ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Public/BrandedKeyPayTheme?whiteLabelId=2822

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2e936c61f8d3d28ba7cdec19c3ba2b6a38feb2efcb1c86497d80a93d21e5b2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Wed, 23 Aug 2023 03:05:17 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: public, max-age=3600
content-length: 19458
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 04:05:17 GMT

GET
H2 200 styles.css
secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/ 5 KB
2 KB 211ms
210ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/styles.css?v=1.7

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2e8d700d3726d26a6dd81d0cd5e13ac4eed5fabd57f8c819c111b4edc7a2dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1160
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
secure.payrollbytempus.com/Content/KeypayTheme/keypay-ui/ 10 KB
3 KB 210ms
209ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/KeypayTheme/keypay-ui/styles.css?v=mvcdgu

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cee483751bc1c829c978672fc0735bef8f3edb03f824f0e1132e827898030720

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2230
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK tempus-black-background-no-pad-lhs.png
keypay-prod.s3.amazonaws.com/content/2822/18/ 3 KB
4 KB 910ms
332ms Image
image/png 16.182.71.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://keypay-prod.s3.amazonaws.com/content/2822/18/tempus-black-background-no-pad-lhs.png
Requested by: Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.71.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 236e0e1a93bc3de05ca4fc559a8e8b4ca33384dc287071fd8248a7356310f787

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 03:05:20 GMT
Last-Modified: Wed, 16 Aug 2023 03:04:05 GMT
Server: AmazonS3
x-amz-request-id: 6XSD9W5AKEK3EPNS
ETag: "5ca69cea5854ce76c99d2f3129e8534b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3473
x-amz-id-2: H+CLcVLhoeSx5Cx6vMgQuK02j6CKBdZMFXh4qthPbSJg/pg/41zLCqxQ74LhSWRMaPQHj/4920M=

GET
H2 200 runtime.5db94c9d40e660401d78.bundle.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 2 KB
2 KB 103ms
103ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/runtime.5db94c9d40e660401d78.bundle.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

390174a1dcf57eedcf53dcf066ab063e34ab8f9808d8176c188a4ef890da1922

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block

GET
H2 200 2.a87d7b96c8b56c21d236.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 16 KB
7 KB 151ms
151ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/2.a87d7b96c8b56c21d236.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

708cab717751b33290f87cc9b6b7ce2c4008a3000b8432d00b13f1b8fe21f0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5977
x-xss-protection: 1; mode=block

GET
H2 200 7.5cdf9eeedf09e99315fc.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 362 KB
101 KB 200ms
200ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/7.5cdf9eeedf09e99315fc.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87c628aaecec0ada01b5b0c25e53077046fb45c24794d475324500f5fd755165

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 101842
x-xss-protection: 1; mode=block

GET
H2 200 99.9f3ba9c9296adf34014c.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 28 KB
13 KB 102ms
102ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/99.9f3ba9c9296adf34014c.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4db5b94d86f3edc48d4a02207aeef181b97eaf44e08d854d251b2b23b9c564d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12595
x-xss-protection: 1; mode=block

GET
H2 200 0.0bbc41b8f62e9f6520a7.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 166 KB
54 KB 139ms
139ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/0.0bbc41b8f62e9f6520a7.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d4e53b356203876433965750dc2b94f3c0d994d43748111c65a6a13863a3168c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 53843
x-xss-protection: 1; mode=block

GET
H2 200 5.2580bf2cf7287810ad08.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 114 KB
31 KB 105ms
105ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/5.2580bf2cf7287810ad08.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1a30715356155e9a8f6641f5b7f6f9ffb9325c1ee1e12de3893e7e2d65591921

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30174
x-xss-protection: 1; mode=block

GET
H2 200 3.74d3dbad8ac0c36636fe.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 362 KB
106 KB 114ms
111ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/3.74d3dbad8ac0c36636fe.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9f58e0b3f86a853847d70b160dfd01f3ac40eec2ffdc1c99f058b07c8e2e1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 107089
x-xss-protection: 1; mode=block

GET
H2 200 4.eb27a62d9fc78212eec9.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 45 KB
14 KB 107ms
105ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/4.eb27a62d9fc78212eec9.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

84158fe080aa713fb3071be1bd689a033f8ab19a8579dec33338753a78053d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13587
x-xss-protection: 1; mode=block

GET
H2 200 6.f6f0726824938d16d35f.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 94 KB
26 KB 149ms
147ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/6.f6f0726824938d16d35f.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b910f67dcdbfaed1b8abaa7085e1460933266d636119538ee148ae32cfedd872

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25506
x-xss-protection: 1; mode=block

GET
H2 200 29.376700595c077ccaba4e.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 16 KB
6 KB 148ms
146ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/29.376700595c077ccaba4e.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6cf5be0cec1f376870b90a70f63b5f5bb67d19fd670fcef8ac7a37ec40300c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4536
x-xss-protection: 1; mode=block

GET
H2 200 91.b38d26bf8969a7bdfd95.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 13 KB
5 KB 149ms
146ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/91.b38d26bf8969a7bdfd95.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b33c42414c7fe33162b5ae4123d40c4fc515eceb058c22abc5d77fe3bae1ca34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3729
x-xss-protection: 1; mode=block

GET
H2 200 164.e6643942a79c61b161e1.chunk.js Show response
secure.payrollbytempus.com/Scripts/bundle/ 233 B
1 KB 149ms
147ms Script
application/javascript 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Scripts/bundle/164.e6643942a79c61b161e1.chunk.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

40dc0c186799877050c046b8ee2d5847bd42bbf22916f1ff2c3a2423f993e2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:18:36 GMT
server: nginx
etag: "04ea364ead4d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 321
x-xss-protection: 1; mode=block

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 495ms
105ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=98b65988-e775-4de4-911a-8232b7d78c7b

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TDMX7FKV107EPGGF
age: 43
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: mEfdnHG+4ET9FRTmDfKIS9KIphFr6cE7h0qgEQh3SSJ2Xe72azrgYiHC2WUZuGsOGb8murwKyAaI/5BNPwNdrQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fvtl8u7f%2FOiWHiQ7CU3WQhgukc1q6iUr7FJABoQBXggtjUOK2zX9m5HlthMpeQnFdQHoHX8LQE3sSfYAJke3e0IteDxGkNKiXtscG6MBEknmCON5lwu4yX3UwqlfebnqKFD4XY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7fb0221549efaafc-SYD

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 870ms
189ms Script
text/javascript 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

f72bf14aea25a9eee88350ef80220a368240f23007878e0f548cfb40ef11eaf5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 03:05:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
72 KB 869ms
189ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTSMM34

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

724b56a6ccfe2d91ae3c42ffcf7d9394b01745012079229efc4abf5c09e88445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 03:05:19 GMT

GET
H2 200 print.css
secure.payrollbytempus.com/Content/ 3 KB
2 KB 149ms
148ms Stylesheet
text/css 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/print.css

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9cc368b11d446b6147909755eb9607be1cdf23b9203c0fbfee5d1d6f72258078

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 847
x-xss-protection: 1; mode=block

GET
H2 200 36C095
hello.myfonts.net/count/ 0
353 B 713ms
108ms Stylesheet
text/css 104.16.228.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/36C095
Requested by: Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.228.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7fb022122a04a868-SYD
content-length: 0
expires: Thu, 22 Aug 2024 03:05:18 GMT

GET
H2 200 raygun.min.js Show response
cdn.raygun.io/raygun4js/ 67 KB
21 KB 914ms
213ms Script
application/javascript 18.155.68.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by: Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-121.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e262f37c6be5d02a4b581701811793410a156c9754483446fd34b8d4b0eab96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:11:39 GMT
content-encoding: gzip
via: 1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 23:10:24 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 14021
etag: W/"38f296844400adf981ed922ae1e8604b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3SmsIQkhBZwA_AOGwtpmmGJ3e90LszXH9CXXsq4i5BmR_oBYIsc63w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 862ms
187ms Script
text/javascript 172.253.118.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 01:10:09 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6910
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 03:10:09 GMT

GET
H/1.1 200
OK KP-BG-small.jpg
keypay-prod.s3.amazonaws.com/content/d/24/0/ 144 KB
144 KB 934ms
347ms Image
image/jpeg 16.182.71.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://keypay-prod.s3.amazonaws.com/content/d/24/0/KP-BG-small.jpg
Requested by: Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.71.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c810e25c54df90889ed7d3d376d38c56abcdaca97df18899b1ff7035439c5113

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 03:05:20 GMT
Last-Modified: Sun, 26 Mar 2023 23:11:28 GMT
Server: AmazonS3
x-amz-request-id: 6XS3HFDN6TCXZGPM
ETag: "4cdbbdc1fb63069bf748a73448a8659f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 147062
x-amz-id-2: KeR8yXUWg5jMAWT1rNMMnWVOT2I4wTA0kxidTCcPl0KxPesNpxtKyHs6IHOdA0cO9AuU8Owomsw=

GET
H2 200 36C095_0_0.woff2
secure.payrollbytempus.com/Content/font/ 42 KB
43 KB 102ms
102ms Font
font/woff2 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/font/36C095_0_0.woff2

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

deb5f91849b497278d28ee1a2691dc4a31d3327f4d456c362d926b2a075da281

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01
Origin: https://secure.payrollbytempus.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:18 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
content-type: font/woff2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42963
x-xss-protection: 1; mode=block

GET
H2 200 98b65988-e775-4de4-911a-8232b7d78c7b Show response
ekr.zdassets.com/compose/ 960 B
1 KB 592ms
396ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/98b65988-e775-4de4-911a-8232b7d78c7b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=98b65988-e775-4de4-911a-8232b7d78c7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7899158dbb5d4e65d9a0ff36e45d0b44975838334bdfd598a20d2c7c742f5732

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7fb022172c07a949-SEA, 7fb022172c07a949-SEA
x-runtime: 0.003024
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7899158dbb5d4e65d9a0ff36e45d0b44"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOagRFwS57ibY4rC3mOL84SDMz3%2Fti5D8CYuz6MDNbkA%2BBzT6r%2BmtZOfUzo40C4TPXfwPvaeR0A9c0QBf4wau6PyJTmV8GPDSQwFKdMc24JUAvTtzOJDB9SP%2BduEsNVRm7A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7fb022172c07a949-SYD

GET
H2 200 fontawesome-webfont.woff2
secure.payrollbytempus.com/fonts/ 75 KB
76 KB 105ms
104ms Font
font/woff2 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payrollbytempus.com/Content/app?v=V-J70uBmervyjtyYRAn_df6nmNFDFoZDQ523Xgr_fY01
Origin: https://secure.payrollbytempus.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
content-type: font/woff2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 keypay-app.woff
secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/fonts/ 14 KB
15 KB 102ms
102ms Font
font/woff 3.104.237.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/fonts/keypay-app.woff?v=1.1

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/styles.css?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.104.237.19 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-237-19.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3445d3d92e111d0a8205afb87b3aeb0b587a17f9b20652b781bd140c42cbb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payrollbytempus.com/Content/KeypayTheme/keypay-icons/styles.css?v=1.7
Origin: https://secure.payrollbytempus.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
last-modified: Tue, 22 Aug 2023 11:10:44 GMT
server: nginx
etag: "0d24d4be9d4d91:0"
content-type: font/woff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14144
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ 450 KB
182 KB 4526ms
3850ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.payrollbytempus.com/
Origin: https://secure.payrollbytempus.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 03:46:15 GMT

GET
H2 200 web-widget-main-1a67289.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame A4AD 921 KB
265 KB 119ms
119ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1a67289.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=98b65988-e775-4de4-911a-8232b7d78c7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b83b65c2f0c60454dca3a7038c109799a8e8ccffc04c27e7586f9ecc023bcb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:19 GMT
x-amz-version-id: 2qyVBauxoU8.RPLzvflLKppTqPP3N.6y
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 65W26KD4QF2SQBW3
age: 523474
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: HqFwgrgb53lE5RAloBmvgtJHhtKFnT1JQIRaxpgwl4KY3gX+qVoF7GIZBVFVPBdpr4x1kduyeCM=
last-modified: Wed, 16 Aug 2023 07:34:04 GMT
server: cloudflare
etag: W/"9096c0a59eb5794727d5670e19568def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNgRRLWIEGChHJBbSEERi0myB1WKGl99cinItM9cjexMHsU7UkOvrxSbDovlvlHWksovuzqYiZ8Z58evqklPr4iDQZy2Uk7slfSQENXbR52yJ407nj%2FhiLnFbjxzRsRgILaSk%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7fb02219deccaafc-SYD
expires: Thu, 15 Aug 2024 07:34:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
216 B 188ms
187ms XHR
text/plain 172.253.118.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1581529760&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.payrollbytempus.com%2F&ul=en-us&de=UTF-8&dt=Tempus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDACEABBAAAACAAIC~&jid=1788740273&gjid=492539475&cid=1741823860.1692759920&tid=UA-135425242-1&_gid=1763688868.1692759920&_r=1&_slc=1&z=2073881209

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.payrollbytempus.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 03:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.payrollbytempus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 187ms
187ms XHR
text/plain 172.253.118.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1581529760&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.payrollbytempus.com%2F&ul=en-us&de=UTF-8&dt=Tempus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDACEABBAAAACAAIC~&jid=418878510&gjid=1431774453&cid=1741823860.1692759920&tid=UA-135425242-2&_gid=1763688868.1692759920&_r=1&_slc=1&z=686814168

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

2d888bf01fc2d999382cac236fd08144b4bc9ffba91fc00a7e94356311a3a83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.payrollbytempus.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 03:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.payrollbytempus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 188ms
188ms XHR
text/plain 172.253.118.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1581529760&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.payrollbytempus.com%2F&ul=en-us&de=UTF-8&dt=Tempus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAIC~&jid=1489377239&gjid=1730348644&cid=1741823860.1692759920&tid=UA-135425242-1&_gid=1763688868.1692759920&_r=1&gtm=45He38l0n81KTSMM34&z=1755181336

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.payrollbytempus.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 03:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.payrollbytempus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 4530ms
190ms Script
application/x-javascript 42.99.140.187
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTSMM34

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.187 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-187.pacnet.net

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 990, 990
date: Wed, 23 Aug 2023 03:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 1, 4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=13607
accept-ranges: bytes
content-length: 4862

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 4356ms
105ms Script
application/javascript 104.18.141.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.141.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:24 GMT
content-encoding: gzip
via: 1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SYD62-P1
age: 208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7fb022353d43a97a-SYD
x-amz-cf-id: _Tp9cC7PlFBHJpbwlOlVfsEKIDaOURlLcybjML4j9oHI3153GNIQjw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 4519ms
185ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

a0a2a549f7c22335dd6a7745aed416aa69da1279a4b11ac77753788938eb25d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 03:05:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47410
x-xss-protection: 0
pragma: public
x-fb-debug: 6hFrH3SkEyw6sD4Ky8qX7QzhzI5QWMOGtlwz1W0pnKjB8XFWGv/BMDchBCzKylKcpTDzmPk5LZrwtbjZanu4fQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 4051ms
4051ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DSWPZDS7GC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

81f85e3e2b973af5930392581b61f1f10c2624cb1e19dbd44e4f6171eef452e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 03:05:20 GMT

GET
H2 200 en-us-json-1a67289.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame A4AD 25 KB
6 KB 106ms
105ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1a67289.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1a67289.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:20 GMT
x-amz-version-id: V7mjEL3JWbS1eyGOwoLwxSYMB379kGQG
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ARRTZ8FRKM0VB587
age: 523470
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LwgFFChxrwnR+ZxGIcgzvdcVI+wRMGlGSKnro9Zu9iQBvwJtXaroai7Lwym570kKqRhHq3g3+1c=
last-modified: Wed, 16 Aug 2023 07:34:06 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3UvYTIKuHVdkB8PFhlmQxBw2tGMrvxMmaOEejaR8LdVAGn%2BtW999gLnBBsB7%2BIA6idqkR4YLWBjaPQCicmkWQC0GEkC9lnK1nJURjgWUCoyLTetM1bj5KQ1A6lu66O9f%2FKQ%2Bv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7fb0221c99f2aafc-SYD
expires: Thu, 15 Aug 2024 07:34:05 GMT

GET
H2 200 config Show response
your-payroll.zendesk.com/embeddable/ Frame A4AD 584 B
1 KB 4144ms
113ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://your-payroll.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1a67289.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60340477e73033075f0425b3ac2eef343c84d42c94845a270694c6ec2f1e6bb9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26
x-zendesk-origin-server: embeddable-app-server-5bf747c84c-lgf82
x-cached: MISS
x-request-id: 7fb0219728c5a89e-SYD
x-runtime: 0.002539
last-modified: Wed, 23 Aug 2023 03:04:58 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjnVve8g%2BOLYaiZ31p2BzlMWDy1s8U7IMfLk4q3UBcIaQRfBASwuQJ4CihTlmH1u7f8%2BnUVKKQi%2Fk3PQVo0OqElwfdwKstuJZbOqBgAy1o4dOniNWUibiwnhfD3uJe7okToRdagRBKAA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7fb02235cb29a8be-SYD

GET
H2 200 en-nz-json-1a67289.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame A4AD 25 KB
6 KB 3736ms
3736ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-nz-json-1a67289.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1a67289.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef2cecc9031f2a233410accadf9802d933e2100f704467a7556cff78b3d3560

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:23 GMT
x-amz-version-id: iIcfGRKBUkR2i3JA42BxMxPK43eZh5EC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Z5N8GRHV0RE6FR8R
age: 523457
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IJhKY0gyAlx+d+HTcfywvPTe7I0UHmbqyssBfraTelOQgwGhUsIwDrEDk6G1VTTMx91SQ7ov78M=
last-modified: Wed, 16 Aug 2023 07:34:06 GMT
server: cloudflare
etag: W/"256b56e0b300d969ac18fd4fbf44d0a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w5zcgo374XdmPcbOXXc%2FYAFPmlgnizeOaPnGq9YFJkR2h3schifFnY88JgMYGOSgdztSY%2Ff859w%2Fh30KCPd3T6BSCIQZN0Z2duSRlFfNHU5Mig2lWgjQt4EZyKbaHDKDSpun9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7fb022340d21aafc-SYD
expires: Thu, 15 Aug 2024 07:34:05 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 187ms
187ms Ping
text/plain 172.253.118.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DSWPZDS7GC&gtm=45je38l0&_p=1581529760&ul=en-us&sr=1600x1200&cid=1741823860.1692759920&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecure.payrollbytempus.com%2F&dt=Tempus&sid=1692759923&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DSWPZDS7GC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 03:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.payrollbytempus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
307 B 889ms
387ms Script
application/javascript 104.18.141.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=90812674&u=https%3A%2F%2Fsecure.payrollbytempus.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.141.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.21
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 72
cf-ray: 7fb022391b52a8c8-SYD
content-length: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/447433/domain/secure.payrollbytempus.com/ 36 B
369 B 1057ms
369ms XHR
application/json 52.84.251.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/447433/domain/secure.payrollbytempus.com/token
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-84.sin5.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://secure.payrollbytempus.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:25 GMT
content-encoding: gzip
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 9l9eEtkjjFeNOZvJRAAFDjlYNMpPR-IS91YOayP9vttFFq1O9wPBWQ==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D447433%26time%3D1692759924332%26url%3Dhttps%253A%252F%252Fsecure.payrollbytempus....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true&liSync=true

0
398 B

349ms
348ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:05:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9059C70624B4474C8FDE0C0F08C0410C Ref B: SYD03EDGE1717 Ref C: 2023-08-23T03:05:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDjmITdXWxp1z8czskHQ==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 03:05:24 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYDjmIOikZkw9a7Lgf1Dg==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4BD8AD6E49374441ABEC85B95F2C6416 Ref B: SYD03EDGE1717 Ref C: 2023-08-23T03:05:25Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=447433&time=1692759924332&url=https%3A%2F%2Fsecure.payrollbytempus.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1889751401335975 Show response
connect.facebook.net/signals/config/ 234 KB
65 KB 426ms
425ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1889751401335975?v=2.9.124&r=c2&domain=secure.payrollbytempus.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

a74327d8cc12c1ccd703a846b2a2fe9d50ede1dd8701a2dae43b9ef11d139fa1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 03:05:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +MjL/DnojaW4KBdnpPIDTGCjoJtjfGvx0YQ0OcVI31txkPLXWR4cdIeK877gzAEhrT5ACvmImdpIYaeeSMcxLQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 941ms
267ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889751401335975&ev=PageView&dl=https%3A%2F%2Fsecure.payrollbytempus.com&rl=&if=false&ts=1692759925295&sw=1600&sh=1200&v=2.9.124&r=c2&ec=0&o=28&fbp=fb.1.1692759925291.1145122384&cs_est=true&pm=1&hrl=d9226b&it=1692759924721&coo=false&cs_cc=1&cas=3124791317585206%2C1731791000241902&rqm=GET

Requested by

Host: secure.payrollbytempus.com
URL: https://secure.payrollbytempus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://secure.payrollbytempus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 03:05:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.payrollbytempus.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: ZO0ixjiZbJ63_6ftOwJQJCdXnPM1debMrJRlCKuT5EYVoBU1Q9lH5X5AVoZDJCCGsz5qK97QT3KNHoboso-90-qEb9d9sThLIpIIMu38I881
.myfonts.net/	1970-01-20 14:12:41	Name: __cf_bm Value: Iitzi.yWJLNiWHtKJMrLTBhl_upkwbiEZUONWA6d.Tg-1692759918-0-ATjtGhncK8vYKUAxjSykFCCVwwTltXn7N93oEcp8U/L1SQOMaEO5pIuK78L7WVLq1O8YmFw0yh4OoBw0u3IAEBk=
secure.payrollbytempus.com/	1970-01-20 14:22:44	Name: AWSALB Value: QN6XwIaD5gI9NEkqPUeMdxuHOPSWC5gRacdiMMwxP/aW8w3vsagsrOr4y3Dr1hkMQsSQJFMvmr7zhtsigjVj3RMocrTOfovWt+QHcaI6o3scZOYJBG1lzZ1QNz/R
secure.payrollbytempus.com/	1970-01-20 14:22:44	Name: AWSALBCORS Value: QN6XwIaD5gI9NEkqPUeMdxuHOPSWC5gRacdiMMwxP/aW8w3vsagsrOr4y3Dr1hkMQsSQJFMvmr7zhtsigjVj3RMocrTOfovWt+QHcaI6o3scZOYJBG1lzZ1QNz/R
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _ga Value: GA1.2.1741823860.1692759920
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _gid Value: GA1.2.1763688868.1692759920
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _gat Value: 1
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _gat_newTracker Value: 1
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _gat_UA-135425242-1 Value: 1
.payrollbytempus.com/	1970-01-20 14:12:47	Name: _ga_DSWPZDS7GC Value: GS1.2.1692759923.1.0.1692759923.0.0.0
prism.app-us1.com/	1970-01-20 14:55:51	Name: prism_90812674 Value: d6775b62-4171-4cbf-93fb-913bdb5cf728
.linkedin.com/	1970-01-20 16:22:15	Name: li_sugr Value: b6fa88e0-9665-4f01-8b39-6d88f53c90c2
.linkedin.com/	1970-01-20 22:58:15	Name: bcookie Value: "v=2&3b6dfd4f-f375-4838-8d0e-b7c6edad9875"
.linkedin.com/	1970-01-20 14:14:06	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2654:u=1:x=1:i=1692759924:t=1692846324:v=2:sig=AQFcj-sjoFYMHc_ZjDykK_Css4JOHVj3"
.payrollbytempus.com/	1970-01-20 16:22:15	Name: _fbp Value: fb.1.1692759925291.1145122384
secure.payrollbytempus.com/	1970-01-20 14:14:06	Name: ln_or Value: eyI0NDc0MzMiOiJkIn0%3D
.linkedin.com/	1970-01-20 14:55:51	Name: UserMatchHistory Value: AQKfT6A_QFeSWwAAAYogWqJDUMT6fJGmMgkgmv9-U5BHEKgnGBMm2q-jNK_0X2b1IvKd2-i7zuXorg
.linkedin.com/	1970-01-20 14:55:51	Name: AnalyticsSyncHistory Value: AQIqrYtIhH2peQAAAYogWqJDty2GrDNFgcCTI_r9ej2aiXbBT46qI328E3reLtM8G6jgtvde2oT-dLRto6Yipw
.www.linkedin.com/	1970-01-20 22:58:15	Name: bscookie Value: "v=1&2023082303052574c70f33-e39e-44de-8357-56ece6a8aa0bAQGRkqauYw0eiqGFEmUNdSEbXOud-XAe"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.yourpayroll.com.au ;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.linkedin.oribi.io
cdn.raygun.io
connect.facebook.net
diffuser-cdn.app-us1.com
ekr.zdassets.com
hello.myfonts.net
keypay-prod.s3.amazonaws.com
prism.app-us1.com
px.ads.linkedin.com
secure.payrollbytempus.com
snap.licdn.com
static.zdassets.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
your-payroll.zendesk.com
104.16.228.232
104.16.51.111
104.18.141.83
104.18.70.113
104.18.72.113
13.107.42.14
142.250.4.104
142.251.175.97
157.240.235.1
157.240.235.35
16.182.71.169
172.253.118.100
18.155.68.121
3.104.237.19
42.99.140.187
52.84.251.84
74.125.130.94
1a30715356155e9a8f6641f5b7f6f9ffb9325c1ee1e12de3893e7e2d65591921
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
236e0e1a93bc3de05ca4fc559a8e8b4ca33384dc287071fd8248a7356310f787
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d888bf01fc2d999382cac236fd08144b4bc9ffba91fc00a7e94356311a3a83f
2e936c61f8d3d28ba7cdec19c3ba2b6a38feb2efcb1c86497d80a93d21e5b2e0
34f8bfba27459d1ddaeb1b3334a64be310b55d791d5ebcaf6de9949944f9de7a
390174a1dcf57eedcf53dcf066ab063e34ab8f9808d8176c188a4ef890da1922
3e62926c7dd498d3c32dd85aeba45bb0961081eeb0accc4b7de5dba580826f8a
40dc0c186799877050c046b8ee2d5847bd42bbf22916f1ff2c3a2423f993e2f8
4db5b94d86f3edc48d4a02207aeef181b97eaf44e08d854d251b2b23b9c564d0
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
5a5b5482ca7491bbb7b166fc0e4e5e84c3c48ab39954dd9e9f61dcc2fa080eb4
5e262f37c6be5d02a4b581701811793410a156c9754483446fd34b8d4b0eab96
60340477e73033075f0425b3ac2eef343c84d42c94845a270694c6ec2f1e6bb9
6b83b65c2f0c60454dca3a7038c109799a8e8ccffc04c27e7586f9ecc023bcb4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf5be0cec1f376870b90a70f63b5f5bb67d19fd670fcef8ac7a37ec40300c6c
708cab717751b33290f87cc9b6b7ce2c4008a3000b8432d00b13f1b8fe21f0f8
724b56a6ccfe2d91ae3c42ffcf7d9394b01745012079229efc4abf5c09e88445
7899158dbb5d4e65d9a0ff36e45d0b44975838334bdfd598a20d2c7c742f5732
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ef2cecc9031f2a233410accadf9802d933e2100f704467a7556cff78b3d3560
81f85e3e2b973af5930392581b61f1f10c2624cb1e19dbd44e4f6171eef452e7
84158fe080aa713fb3071be1bd689a033f8ab19a8579dec33338753a78053d2e
845f73fbfd6411eff6342196d34e806e89e553422e22fd511f2ab1cb2770aecf
87c628aaecec0ada01b5b0c25e53077046fb45c24794d475324500f5fd755165
9cc368b11d446b6147909755eb9607be1cdf23b9203c0fbfee5d1d6f72258078
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9f58e0b3f86a853847d70b160dfd01f3ac40eec2ffdc1c99f058b07c8e2e1362
a0a2a549f7c22335dd6a7745aed416aa69da1279a4b11ac77753788938eb25d5
a2e8d700d3726d26a6dd81d0cd5e13ac4eed5fabd57f8c819c111b4edc7a2dfa
a74327d8cc12c1ccd703a846b2a2fe9d50ede1dd8701a2dae43b9ef11d139fa1
b33c42414c7fe33162b5ae4123d40c4fc515eceb058c22abc5d77fe3bae1ca34
b910f67dcdbfaed1b8abaa7085e1460933266d636119538ee148ae32cfedd872
c810e25c54df90889ed7d3d376d38c56abcdaca97df18899b1ff7035439c5113
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
cee483751bc1c829c978672fc0735bef8f3edb03f824f0e1132e827898030720
d4e53b356203876433965750dc2b94f3c0d994d43748111c65a6a13863a3168c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb5f91849b497278d28ee1a2691dc4a31d3327f4d456c362d926b2a075da281
e3445d3d92e111d0a8205afb87b3aeb0b587a17f9b20652b781bd140c42cbb8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65a7a16e5203e7de55fb9fedc1465f61f00fc54cf5e202b925caeebd5727abf
f25b0328cfe542bcfd4c2ff6f910dc57603bf1238d019b3a42bb4d20130ea3f2
f72bf14aea25a9eee88350ef80220a368240f23007878e0f548cfb40ef11eaf5
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fc8b64a96000e48adaba81bde84eeb90294fd8226567bc77b9dfb2f4a75c2fc3
fdb5be3febaa9fb091d60ab5775fe154cd0054faf8e054dfc5fdd393e23428ae

secure.payrollbytempus.com Open in urlscan Pro 3.104.237.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

0 %IPv6

16 Domains

19 Subdomains

17 IPs

5 Countries

1589 kBTransfer

4529 kBSize

19 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.payrollbytempus.com Open in urlscan Pro
3.104.237.19 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

17
IPs

5
Countries

1589 kB
Transfer

4529 kB
Size

19
Cookies

54 HTTP transactions
0 data transactions