payroll-backoffice.mycpadashboard.com Open in urlscan Pro
20.40.202.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payroll-app.mycpadashboard.com/
Effective URL:
https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dw...
Submission: On January 01 via api (January 1st 2024, 9:05:46 pm UTC) from US — Scanned from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 24 HTTP transactions. The main IP is 20.40.202.7, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payroll-backoffice.mycpadashboard.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 16th 2023. Valid for: a year.

This is the only time payroll-backoffice.mycpadashboard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.12.97.102 20.12.97.102	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2600:1408:c40... 2600:1408:c400:2f::17de:5c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1408:c40... 2600:1408:c400:2f::17de:5d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 11	20.40.202.7 20.40.202.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	() ()
2	40.78.229.32 40.78.229.32	() ()
24	7

4 20.12.97.102 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payroll-app.mycpadashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1408:c400:2f::17de:5c4 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:2f::17de:5d9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 20.40.202.7 (Des Moines, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

workliomycpaextapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
payroll-backoffice.mycpadashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (None, )

ASN- ()

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.78.229.32 (None, )

ASN- ()

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mycpadashboard.com payroll-app.mycpadashboard.com payroll-backoffice.mycpadashboard.com	2 MB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	92 KB
3	azurewebsites.net 2 redirects workliomycpaextapi.azurewebsites.net	3 KB
2	visualstudio.com dc.services.visualstudio.com	281 B
1	msecnd.net az416426.vo.msecnd.net	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
24	6

	Domain	Requested by
8	payroll-backoffice.mycpadashboard.com	payroll-app.mycpadashboard.com payroll-backoffice.mycpadashboard.com
5	use.typekit.net	payroll-app.mycpadashboard.com payroll-backoffice.mycpadashboard.com use.typekit.net
4	payroll-app.mycpadashboard.com	payroll-app.mycpadashboard.com
3	workliomycpaextapi.azurewebsites.net	2 redirects payroll-app.mycpadashboard.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	p.typekit.net	use.typekit.net
1	az416426.vo.msecnd.net	payroll-backoffice.mycpadashboard.com
1	fonts.googleapis.com	payroll-backoffice.mycpadashboard.com
24	8

This site contains no links.

Subject Issuer	Validity	Valid
payroll-app.mycpadashboard.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-01` - `2024-06-01`	6 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 02	`2023-10-31` - `2024-06-27`	8 months	crt.sh
*.mycpadashboard.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-09-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2023-11-18` - `2024-11-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
Frame ID: 057558013D12263AC5C34F31D8751CE5
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://payroll-app.mycpadashboard.com/ Page URL
https://workliomycpaextapi.azurewebsites.net/connect/authorize?client_id=wagetime.vuejs&redirect_uri=https%3A%2F%2Fpayrol... HTTP 302
https://workliomycpaextapi.azurewebsites.net/Account/Login?returnurl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dwage... HTTP 302
https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcall... Page URL

Page Statistics

24
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

2594 kB
Transfer

8585 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payroll-app.mycpadashboard.com/ Page URL
https://workliomycpaextapi.azurewebsites.net/connect/authorize?client_id=wagetime.vuejs&redirect_uri=https%3A%2F%2Fpayroll-app.mycpadashboard.com%2Fauth%2Fsigninwin%2Fmain&response_type=id_token%20token&scope=openid%20api%20offline_access%20profile&state=724decc33be7480794a8519bb4fa206a&nonce=9b9d6e3ac4b44194b367ba4709e0d9d9 HTTP 302
https://workliomycpaextapi.azurewebsites.net/Account/Login?returnurl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dwagetime.vuejs%26redirect_uri%3Dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3Did_token%2520token%26scope%3Dopenid%2520api%2520offline_access%2520profile%26state%3D724decc33be7480794a8519bb4fa206a%26nonce%3D9b9d6e3ac4b44194b367ba4709e0d9d9 HTTP 302
https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
payroll-app.mycpadashboard.com/ 564 B
767 B 346ms
98ms Document
text/html 20.12.97.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-app.mycpadashboard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb81db9075522a717ad566ab6cd834f07fbab6391aa744e1087da3ed67989dbb

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
content-type: text/html
date: Mon, 01 Jan 2024 21:05:35 GMT
etag: "70725108"
last-modified: Fri, 29 Dec 2023 18:33:45 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 brand.js Show response
payroll-app.mycpadashboard.com/ 1 KB
631 B 61ms
60ms Script
text/javascript 20.12.97.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-app.mycpadashboard.com/brand.js

Requested by

Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

03a95d681880f7a9fc3a975eaa22041e06d608a130c793f0f8f99bc4ccf9b05e

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-app.mycpadashboard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:35 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Fri, 29 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
etag: "70725108"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
x-xss-protection: 1; mode=block

GET
H2 200 index-054e227a.js Show response
payroll-app.mycpadashboard.com/assets/ 2 MB
423 KB 123ms
122ms Script
text/javascript 20.12.97.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-app.mycpadashboard.com/assets/index-054e227a.js

Requested by

Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53411fb761eea98131c442d324a6a0810cabd5483b56076836aa85d7e9e1206e

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payroll-app.mycpadashboard.com/
Origin: https://payroll-app.mycpadashboard.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:35 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Fri, 29 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
etag: "70725108"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
x-xss-protection: 1; mode=block

GET
H2 200 index-b919ad73.css
payroll-app.mycpadashboard.com/assets/ 82 KB
16 KB 73ms
73ms Stylesheet
text/css 20.12.97.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-app.mycpadashboard.com/assets/index-b919ad73.css

Requested by

Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b919ad73cf58696eb469d3fea8536f1258daf876213bc6afdeca32390ef2d382

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-app.mycpadashboard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:35 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Fri, 29 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
etag: "70725108"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/css
cache-control: public, must-revalidate, max-age=30
x-xss-protection: 1; mode=block

GET
H2 200 ppu8nkw.css
use.typekit.net/ 7 KB
1 KB 140ms
40ms Stylesheet
text/css 2600:1408:c400:2f::17de:5c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ppu8nkw.css

Requested by

Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/assets/index-b919ad73.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2f::17de:5c4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

42faf7913356fa81e3f6058ed4838fffd8fcfaff8aa3ca1dbff01b8e37e5d6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 01 Jan 2024 21:05:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 930

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 140ms
36ms Stylesheet
text/css 2600:1408:c400:2f::17de:5d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ppu8nkw&ht=tk&f=137.139.140.173.175.176.5474.5475.25136&a=95233462&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ppu8nkw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2f::17de:5d9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:36 GMT
last-modified: Sun, 26 Nov 2023 12:46:53 GMT
server: nginx
etag: "65633e3d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK openid-configuration
workliomycpaextapi.azurewebsites.net/.well-known/ 2 KB
2 KB 335ms
144ms XHR
application/json 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://workliomycpaextapi.azurewebsites.net/.well-known/openid-configuration
Requested by: Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/assets/index-054e227a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://payroll-app.mycpadashboard.com
Request-Context: appId=cid-v1:11c76dbd-d835-4f98-bf20-e915f7aaf8a0

GET
H/1.1

200
OK

Primary Request Login Show response
payroll-backoffice.mycpadashboard.com/Account/oAuth/
Redirect Chain

https://workliomycpaextapi.azurewebsites.net/connect/authorize?client_id=wagetime.vuejs&redirect_uri=https%3A%2F%2Fpayroll-app.mycpadashboard.com%2Fauth%2Fsigninwin%2Fmain&response_type=id_token%20...
https://workliomycpaextapi.azurewebsites.net/Account/Login?returnurl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dwagetime.vuejs%26redirect_uri%3Dhttps%253A%252F%252Fpayroll-app.mycpadashboard.c...
https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayr...

9 KB
6 KB

383ms
148ms

Document
text/html

20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9

Requested by

Host: payroll-app.mycpadashboard.com
URL: https://payroll-app.mycpadashboard.com/assets/index-054e227a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dabaa833c5bd9d5bbfd39bd3543266fd6631d38f03ebf0f7ab1c0c6ca1551315

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Jan 2024 21:05:36 GMT
Pragma: no-cache
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-SerID: WN1XSDWK000008

Redirect headers

Content-Length: 0
Date: Mon, 01 Jan 2024 21:05:36 GMT
Location: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
Request-Context: appId=cid-v1:11c76dbd-d835-4f98-bf20-e915f7aaf8a0
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK dx.css
payroll-backoffice.mycpadashboard.com/Assets/css/vendors/ 651 KB
131 KB 79ms
74ms Stylesheet
text/css 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/css/vendors/dx.css?ver=3.4.3.0

Requested by

Host: payroll-backoffice.mycpadashboard.com
URL: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c77c8fd704d6e133074a0a48c62147b22037d139c75fd763a46fc108c89bdac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:55:50 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da50d0e6d00"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H/1.1 200
OK onboarding.css
payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/ 530 KB
80 KB 226ms
63ms Stylesheet
text/css 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/onboarding.css?ver=3.4.3.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd6f9a4afd682ce5ba38ff55a44b15870b87aacea5c349caac7573724949bfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:52:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da4a08101a6"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H/1.1 200
OK shared.js Show response
payroll-backoffice.mycpadashboard.com/Assets/script/vendors/ 658 KB
251 KB 234ms
67ms Script
application/javascript 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/script/vendors/shared.js?ver=3.4.3.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

504f30484f934648632b428a278809a700d14ff14b239d8a1e31c07d0fcdc62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:55:50 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da50d0e0e96"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H/1.1 200
OK dx.js Show response
payroll-backoffice.mycpadashboard.com/Assets/script/vendors/ 4 MB
1 MB 233ms
69ms Script
application/javascript 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/script/vendors/dx.js?ver=3.4.3.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1e3cac7343fd6afa7031782d380ae00846dde7658716cf3f40e28ba61e39791f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:55:18 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da4f9b3586b"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H/1.1 200
OK onboarding.js Show response
payroll-backoffice.mycpadashboard.com/Assets/script/ 180 KB
70 KB 231ms
68ms Script
application/javascript 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/script/onboarding.js?ver=3.4.3.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

05444cfca632519f9e18ae6d15e067df6c179d609e6d68fa21dcb4d4c5d15dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:54:38 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da4e21b3cf9"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H/1.1 200
OK 6
payroll-backoffice.mycpadashboard.com/api/outfile/ 3 KB
4 KB 303ms
140ms Image
application/octet-stream 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payroll-backoffice.mycpadashboard.com/api/outfile/6

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a530d1d8df1447387f1a53c1cd8184ea9236cb5d7e9c9e6fc67f5ff86a64d3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:37 GMT
Strict-Transport-Security: max-age=2592000
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: application/octet-stream
Cache-Control: private, max-age=21600
X-SerID: WN1XSDWK000008
Content-Disposition: attachment; filename=new_logo.png; filename*=UTF-8''new_logo.png
Content-Length: 3488
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

GET
H2 200 ppu8nkw.css
use.typekit.net/ 7 KB
1 KB 36ms
35ms Stylesheet
text/css 2600:1408:c400:2f::17de:5c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ppu8nkw.css

Requested by

Host: payroll-backoffice.mycpadashboard.com
URL: https://payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/onboarding.css?ver=3.4.3.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2f::17de:5c4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

42faf7913356fa81e3f6058ed4838fffd8fcfaff8aa3ca1dbff01b8e37e5d6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 01 Jan 2024 21:05:38 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 930

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 131ms
44ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700|Parisienne&subset=latin-ext

Requested by

Host: payroll-backoffice.mycpadashboard.com
URL: https://payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/onboarding.css?ver=3.4.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04e4978ed8e7c3621aa07c82bb0a7b858537c691f44ac5d4707ff9e5ad1e0c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 Jan 2024 21:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 Jan 2024 21:05:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Jan 2024 21:05:38 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 35ms
35ms Stylesheet
text/css 2600:1408:c400:2f::17de:5d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ppu8nkw&ht=tk&f=137.139.140.173.175.176.5474.5475.25136&a=95233462&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ppu8nkw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2f::17de:5d9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:38 GMT
last-modified: Sun, 26 Nov 2023 12:46:53 GMT
server: nginx
etag: "65633e3d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 120 KB
47 KB 139ms
36ms Script
text/javascript 2606:2800:11f:17a5:191a:18d5:537:22f9

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payroll-backoffice.mycpadashboard.com
URL: https://payroll-backoffice.mycpadashboard.com/Account/oAuth/Login?AppType=WageTime&returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dwagetime.vuejs%26redirect_uri%3dhttps%253A%252F%252Fpayroll-app.mycpadashboard.com%252Fauth%252Fsigninwin%252Fmain%26response_type%3did_token%2520token%26scope%3dopenid%2520api%2520offline_access%2520profile%26state%3d724decc33be7480794a8519bb4fa206a%26nonce%3d9b9d6e3ac4b44194b367ba4709e0d9d9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 -, , ASN (),
Reverse DNS
Software: ECAcc (nya/78CA) /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

accept-language: en-US,en;q=0.9
Referer: https://payroll-backoffice.mycpadashboard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jan 2024 21:05:44 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: OTYl0s1WUyP5rZ8mTmvbyA==
age: 1135
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js
content-length: 47958
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
server: ECAcc (nya/78CA)
x-ms-meta-aijssdkver: 2.8.16
etag: 0x8DBB9F46341BD96
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ca7eab06-301e-00bd-16f3-3c31d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Mon, 01 Jan 2024 21:35:44 GMT

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 121ms
35ms Font
application/font-woff2 2600:1408:c400:2f::17de:5c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ppu8nkw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2f::17de:5c4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer: https://use.typekit.net/ppu8nkw.css
Origin: https://payroll-backoffice.mycpadashboard.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:44 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 29 KB
29 KB 126ms
41ms Font
application/font-woff2 2600:1408:c400:2f::17de:5c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ppu8nkw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2f::17de:5c4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef

Request headers

Referer: https://use.typekit.net/ppu8nkw.css
Origin: https://payroll-backoffice.mycpadashboard.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:44 GMT
server: nginx
etag: "174f4ede5c586799404565373f175cfaf1562181"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30008

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 159ms
74ms Font
application/font-woff2 2600:1408:c400:2f::17de:5c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ppu8nkw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2f::17de:5c4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://use.typekit.net/ppu8nkw.css
Origin: https://payroll-backoffice.mycpadashboard.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:05:44 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H/1.1 200
OK icons.woff2
payroll-backoffice.mycpadashboard.com/Assets/css/icons/default/ 13 KB
13 KB 55ms
55ms Font
font/woff2 20.40.202.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payroll-backoffice.mycpadashboard.com/Assets/css/icons/default/icons.woff2?7cba46a4f867b2e59fa6d37de5361b65

Requested by

Host: payroll-backoffice.mycpadashboard.com
URL: https://payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/onboarding.css?ver=3.4.3.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.7 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4183ea6c4c75fc882c5870c72756d2b4fd80915b91d41c14b6c5ae7cd825ff09

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://payroll-backoffice.mycpadashboard.com/Assets/css/theme/default/onboarding.css?ver=3.4.3.0
Origin: https://payroll-backoffice.mycpadashboard.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 01 Jan 2024 21:05:44 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 02 Nov 2023 15:52:18 GMT
Server: Microsoft-IIS/10.0
ETag: "1da0da48ea79690"
X-Powered-By: ASP.NET
Content-Type: font/woff2
Accept-Ranges: bytes
Content-Length: 13200
Request-Context: appId=cid-v1:4555f467-6f6a-4c8f-a4dd-5e66c421605b

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 313ms
33ms Preflight 40.78.229.32

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.78.229.32 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://payroll-backoffice.mycpadashboard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 01 Jan 2024 21:05:45 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 97ms
96ms XHR
application/json 40.78.229.32

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.78.229.32 -, , ASN (),

Reverse DNS

Software

Resource Hash

62ff58e8efb0949132496d663f6b66dc1779de86f8efef3fe494c67ad1760a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payroll-backoffice.mycpadashboard.com/
accept-language: en-US,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 49F02416-4EBD-41C2-ADBA-6FDD22FCFB75
strict-transport-security: max-age=31536000
date: Mon, 01 Jan 2024 21:05:45 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payroll-app.mycpadashboard.com/	1970-01-21 02:07:59	Name: ai_user Value: P8eQXqaz6K14osB/lxMBil\|2024-01-01T21:05:36.579Z
.workliomycpaextapi.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: 624d5f02d69cf856e516dd276d9d5a1f805ffa3d81be3f124c0f0930e7422c63
.workliomycpaextapi.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 624d5f02d69cf856e516dd276d9d5a1f805ffa3d81be3f124c0f0930e7422c63
payroll-backoffice.mycpadashboard.com/	1969-12-31 23:59:59	Name: w_uid Value: 3885d646c8c2ceb6d2cf93dd2784a4e925d3d63a8d9c950cba8771e26d3ca09ddd5757a7fbbfd376
payroll-backoffice.mycpadashboard.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9fXoN5jHCXs Value: CfDJ8MIZ8HXNZfhJr_vs8EEOzxsRDaUFlvqy0nj9xSyJ7AMzwHCllgPQS7g0uQ87Kd7kWENHSWAtRYlJWjj-IEWot-5WKgjVWJlxI3WLddHbnnQxV5wf9EV9KRUD4VLFWvWM1tkI3bRmtZol98d5wyLxZSg
.payroll-backoffice.mycpadashboard.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 624d5f02d69cf856e516dd276d9d5a1f805ffa3d81be3f124c0f0930e7422c63
.payroll-backoffice.mycpadashboard.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 624d5f02d69cf856e516dd276d9d5a1f805ffa3d81be3f124c0f0930e7422c63

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'self' https: data:; font-src 'self' https: data:
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
p.typekit.net
payroll-app.mycpadashboard.com
payroll-backoffice.mycpadashboard.com
use.typekit.net
workliomycpaextapi.azurewebsites.net
20.12.97.102
20.40.202.7
2600:1408:c400:2f::17de:5c4
2600:1408:c400:2f::17de:5d9
2606:2800:11f:17a5:191a:18d5:537:22f9
2607:f8b0:4004:c09::5f
40.78.229.32
03a95d681880f7a9fc3a975eaa22041e06d608a130c793f0f8f99bc4ccf9b05e
04e4978ed8e7c3621aa07c82bb0a7b858537c691f44ac5d4707ff9e5ad1e0c40
05444cfca632519f9e18ae6d15e067df6c179d609e6d68fa21dcb4d4c5d15dea
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e3cac7343fd6afa7031782d380ae00846dde7658716cf3f40e28ba61e39791f
34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef
4183ea6c4c75fc882c5870c72756d2b4fd80915b91d41c14b6c5ae7cd825ff09
42faf7913356fa81e3f6058ed4838fffd8fcfaff8aa3ca1dbff01b8e37e5d6a1
504f30484f934648632b428a278809a700d14ff14b239d8a1e31c07d0fcdc62f
53411fb761eea98131c442d324a6a0810cabd5483b56076836aa85d7e9e1206e
62ff58e8efb0949132496d663f6b66dc1779de86f8efef3fe494c67ad1760a27
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a530d1d8df1447387f1a53c1cd8184ea9236cb5d7e9c9e6fc67f5ff86a64d3ec
b919ad73cf58696eb469d3fea8536f1258daf876213bc6afdeca32390ef2d382
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c77c8fd704d6e133074a0a48c62147b22037d139c75fd763a46fc108c89bdac7
cb81db9075522a717ad566ab6cd834f07fbab6391aa744e1087da3ed67989dbb
dabaa833c5bd9d5bbfd39bd3543266fd6631d38f03ebf0f7ab1c0c6ca1551315
dd6f9a4afd682ce5ba38ff55a44b15870b87aacea5c349caac7573724949bfa1

payroll-backoffice.mycpadashboard.com Open in urlscan Pro 20.40.202.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

24 Requests

100 %HTTPS

57 %IPv6

6 Domains

8 Subdomains

7 IPs

1 Countries

2594 kBTransfer

8585 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

payroll-backoffice.mycpadashboard.com Open in urlscan Pro
20.40.202.7 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

2594 kB
Transfer

8585 kB
Size

7
Cookies

24 HTTP transactions
0 data transactions