Report - adpusa.zyns.com/

Report Overview

Submitted URL
adpusa.zyns.com/
IP
15.204.162.181
ASN
#16276 OVH SAS
Submitted
2023-06-07 00:35:47
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
18
Network Intrusion Detection
52
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-06	340 B	942 B	54.230.80.227
analytics.audioeye.com	4123	2002-04-11	2018-08-17	2023-06-06	461 B	123 B	44.232.191.118
storage.glancecdn.net	11454	2014-01-29	2022-12-02	2023-06-06	884 B	25 kB	54.230.111.114
adpusa.zyns.com	unknown	2001-03-21	2023-06-05	2023-06-06	8.2 kB	210 kB	15.204.162.181
wsv3cdn.audioeye.com	3722	2002-04-11	2017-03-09	2023-06-06	7.8 kB	562 kB	172.64.151.222
static.adp.com	7261	1991-06-24	2015-06-06	2023-06-06	430 B	678 B	54.230.111.77
www.glancecdn.net	6756	2014-01-29	2015-05-14	2023-06-06	889 B	1.0 kB	3.208.149.104
online.adp.com	6409	1991-06-24	2017-01-29	2023-06-06	11 kB	452 kB	52.44.46.192
ws.audioeye.com	3923	2002-04-11	2014-04-30	2023-06-06	798 B	2.8 kB	172.64.151.222

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:26	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:27	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zyns .com
2023-06-07 00:35:28	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zyns .com Domain

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/
2023-06-06	medium	adpusa.zyns.com/ADP/
2023-06-06	medium	adpusa.zyns.com/ADP/
2023-06-06	medium	adpusa.zyns.com/ADP/
2023-06-06	medium	adpusa.zyns.com/ADP/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (54)

	URL	Size	First Seen	Last Seen
	wsv3cdn.audioeye.com/helpers-remediations/Landmarks.js	1.3 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Landmarks.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash f6fdd32aa365429395bee545fcf0f07b fc1f5eededdbdf320482c8064cd4f39200b7ffa2 d32a73e79714aa3f0cd6117f4b7e0c8614bdeb2e3a9180bdb7fafc29e2e4e564 Loading...

	wsv3cdn.audioeye.com/helpers-remediations/Images.js	1.2 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Images.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash a4eb9fb2861dbcc17790d4a241f40d2d 4febcd9c7445bbf795c7f2dfe5d7f0f4900ce359 07a17d5656a84be4add900a42e8d5ed7f821176b23446974f6d43d1595a7212f Loading...

	wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=	0 B	2023-03-07	2024-04-25
Pretty URL wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb= IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:17:29 Times Seen37069251 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/iframe-utils.js	4.0 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/iframe-utils.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen45 Hash 259aeb186aa05c103234b9345d73ed03 a2ec5001287dd858710ce122f15e9ea23b67964f 53de306f72aa849f2d27dabfd06e389531714e81b3ebcf99e57e36e7a4a17b0a Loading...

	online.adp.com/nnlappsdk-8.0.0/js/outcome.js	14 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/outcome.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:23 Last Seen2024-01-16 08:51:23 Times Seen67 Hash dacf5d5435e1eecdf4f7a0249f1cd9d9 0ac1ffea5491d186f9fb0ca2741853a90a96c135 fab34c78013b28d87cb8a83d66389feb49a7fc130858052fb6fefd651a42b86d Loading...

	online.adp.com/nnlappsdk-8.0.0/js/metrics.js	15 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/metrics.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen50 Hash ff874142e466218a1d077e897bc015a7 d125a0feae91d3311cdec52971be93d37ca97245 5594a1b411141c05793e9cd1ed3e1f31ffd94275ff277463f2d25619c1b3b577 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/oob-ui.js	7.7 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/oob-ui.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen47 Hash 9d78a1b302c920f4b7a33b747cfbf5ed 9a850f1d1740bbe18f4e4c102c20665f50999a89 8a7c58dc72a9b379fa1b3176c73888960a480c99bf5d6cbe0061f707dce124f1 Loading...

	adpusa.zyns.com/ADP/	852 B	2023-03-08	2023-06-07
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 06:47:52 Last Seen2023-06-07 02:35:49 Times Seen17 Hash fa9ea7b2a70a2c5211b85e7efef675da c725d762609ee2a960bae1d4923507865dc80819 c0335dc9a6507ff545ebdaeada32b2fcee9bd87b76d9466062e1d2c387b516e6 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/iframe-custom.js	23 kB	2023-05-14	2023-07-03
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/iframe-custom.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 18:09:14 Last Seen2023-07-03 19:09:44 Times Seen26 Hash 55261943568e6e64f2763efda82a079d b414e19b876673991bfbe53ad27d10b7a95a8998 efdf415e3de9743705cf9748790543d1c83f81f983d21f7be809d54e39d78e99 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/fido-method-ui.js	5.9 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/fido-method-ui.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen48 Hash ed83ac799d7f19d00a3c3aa06f6a2ebb 096b4da8575059615bc03b41ce34e93c45438c24 fa7c822a259928fe475d30a98e2aabc6a98a25167b28693322cee38184dc136d Loading...

	adpusa.zyns.com/ADP/	1.0 kB	2023-03-07	2023-06-07
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:12:22 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 3a56cf6d3410cf616518049e5f9f8b8b c15813a74762bac99b9c87687cc8c428d77fe9b3 df79ab8e05fd626c3a36a1349ae5611769bd85d3327721083ac7beffd1136ea8 Loading...

	online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AECrQpOIAQAAbm0B19-zOoywpvusSchb6JggxNPo9HnixoYw5vgjKz7P0L3K&X-zuY25QsG--z=q	250 kB	2023-06-07	2023-06-07
Pretty URL online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AECrQpOIAQAAbm0B19-zOoywpvusSchb6JggxNPo9HnixoYw5vgjKz7P0L3K&X-zuY25QsG--z=q IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 02:35:49 Last Seen2023-06-07 02:35:49 Times Seen2 Hash d231ded6214ccb2706325aa46e0ce53e 0eb4d6181ef415bed90d918c8ef2afe4a8cfd776 ed874f496348dc08c0e4b57dbbf4e78186f56e2fc807ab6a457f75183e6ebe61 Loading...

	adpusa.zyns.com/ADP/	363 B	2023-03-07	2024-01-30
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59:10 Last Seen2024-01-30 00:22:27 Times Seen55 Hash aa86093768f6204ed0d1d4b79a4608a6 a8a842d3ae4ffd989d2c732748df0812cdb3fe2d 8024c6b807bf9834463cbc2bae2865bcc1116fcd43f2950fb9d7baeb453bf601 Loading...

	online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js	1.0 kB	2023-06-07	2023-06-07
Pretty URL online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 02:35:49 Last Seen2023-06-07 02:35:49 Times Seen1 Hash 79d33fa76f4647a18614b172e7f0aeb0 1d84dbf662ab69b930ffeb162c5eb047c6339ce6 e9f90987e902f242d1ba2662c0bf388402010aee81aaa2bf204f5e16104a2cd4 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/oob-rest.js	1.7 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/oob-rest.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen88 Hash 366bd0d5783f61467031761bc8c1e3e9 be57d5024dc8f1371c77233c590ca3357adce52b 732f670be4b46c6729e3cdbfc07d89b10a6b234cdb7b74755fd241bcecc9ad00 Loading...

	www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=staging	12 kB	2023-03-14	2024-02-02
Pretty URL www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=staging IP 3.208.149.104 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:38:25 Last Seen2024-02-02 04:46:50 Times Seen36 Hash cae412f433319b367d836e9d18942301 3d37b9db080ffe39c5467cf3542158bedcf7a196 c419b9c22cfa6d7f0b5afcecd7f1c6c6506d4371d6a78de03a1d6ffb86df7b65 Loading...

	adpusa.zyns.com/ADP/	1.7 kB	2023-03-07	2023-06-07
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:12:22 Last Seen2023-06-07 02:35:49 Times Seen17 Hash e12a1d3dda2edd8535c97b1315720e72 84f7b91abcddea7a2165eae6837cf95af0be15d1 8aa5b56d27a4d95172b542006dd5c1d1a2c14990d179c82438dad6cffd0da573 Loading...

	wsv3cdn.audioeye.com/v2/build/3772.bundle.3fa2a6d.js	480 B	2023-03-09	2024-02-14
Pretty URL wsv3cdn.audioeye.com/v2/build/3772.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:19 Last Seen2024-02-14 05:29:41 Times Seen871 Hash 031ffa4b09cd5d06511f8c85020f8a6b da4e240560b1f8eaf0eb4cd3b0355a5a38be753d 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1 Loading...

	adpusa.zyns.com/ADP/	1.5 kB	2023-03-07	2023-11-05
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:12:22 Last Seen2023-11-05 00:25:26 Times Seen24 Hash ae23f03fe60fa5e304c0bd01df90b2aa 4494c3c36557db01d0f8f720f76526133bfbb894 bc57cf7b46efbd228372187b30f468c3c074f254952ab165ac1c34c833807313 Loading...

	wsv3cdn.audioeye.com/v2/build/874.bundle.3fa2a6d.js	193 B	2023-03-09	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/build/874.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:19 Last Seen2024-04-25 00:12:32 Times Seen925 Hash 70026b0c4a787b8e5bba07bf62a8211a 03a7a97c2a883a79573f9f443bb6b34de8ef9376 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75 Loading...

	ws.audioeye.com/ae.js	1.0 kB	2023-03-07	2023-11-05
Pretty URL ws.audioeye.com/ae.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-11-05 00:25:26 Times Seen863 Hash c5f5d23dbd841fb0868078e4bfbbd713 2f28ce456fa7b6b2aa7692b1364c2c49fc26f0b6 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2 Loading...

	wsv3cdn.audioeye.com/helpers-remediations/Focus_Indicator.js	1.2 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Focus_Indicator.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash eaf51a298846468c034809e24fad11ab 21b20bbb1d38af3a3f87f5db3b82175a16147f5e d4af69650164a278bcda270b999ae0ae76cc7d5d4443f6e82c731e286fb713c1 Loading...

	wsv3cdn.audioeye.com/v2/build/startup.bundle.3fa2a6d.js	439 kB	2023-05-31	2023-06-07
Pretty URL wsv3cdn.audioeye.com/v2/build/startup.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 06:57:32 Last Seen2023-06-07 17:10:12 Times Seen29 Hash 3a536ebdff5546f7668b191d2cad86ec 95fc2797c6f960c0bda23710ec965b1ebc191533 37421f0ae4fd5dd45e8d2c6eb15d857acc32c2f5fa0f6d3e358425030207b5c5 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/utils.js	47 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/utils.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:23 Last Seen2024-01-16 08:51:23 Times Seen50 Hash 2fa68dd31178e0e1bd50b71382d5e6da 7df9c9f260ac6f071e969a8e94abbbfee2f788b9 83cf0d21c234f01006ec7e1831508eea0cbb80584971ded5b962dd4267f2665c Loading...

	wsv3cdn.audioeye.com/bootstrap.js?d=online.adp.com	45 kB	2023-06-06	2023-06-07
Pretty URL wsv3cdn.audioeye.com/bootstrap.js?d=online.adp.com IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-06 23:36:24 Last Seen2023-06-07 02:35:49 Times Seen3 Hash 4160b77776bfd0c912b71ebfece30be7 ff3905c09e2bcacbfddc3476bddc69fad1ecbdd3 fd2966e4bc09d91cdb4634e2972b0a48e738bba11b79b890ae6740b8266a203f Loading...

	online.adp.com/nnlappsdk-8.0.0/iframe.jsp	0 B	2023-03-07	2024-04-25
Pretty URL online.adp.com/nnlappsdk-8.0.0/iframe.jsp IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:17:29 Times Seen37069251 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/iframe.js	3.5 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/iframe.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:23 Last Seen2024-01-16 08:51:23 Times Seen50 Hash 0337a75dfc6d3b2e627f07e28f147188 33dc708871acc5381e6117609bcfc7696e96e0e0 d2bab07b33afe2692c6b2159484c4e2f34d4f03c4b2b0dd50ea6e162093ec60d Loading...

	wsv3cdn.audioeye.com/v2/build/smartrems.bundle.3fa2a6d.js	139 kB	2023-05-31	2023-06-21
Pretty URL wsv3cdn.audioeye.com/v2/build/smartrems.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 06:57:33 Last Seen2023-06-21 20:10:48 Times Seen52 Hash f0a859cccda636fbd13cb4f927e0af5a 4fc37f012a6837e8de99d1aa240803c9e0f39ddb d2ea3138e5edee8cd1f9b5fafcd394ed6aef1a1fbe037e8f379ba198f08f883c Loading...

	adpusa.zyns.com/ADP/	1.4 kB	2023-03-08	2023-06-07
Pretty URL adpusa.zyns.com/ADP/ IP 15.204.162.181 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 06:47:52 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 0c950654e940fdbdfc8bf945ddf7aa03 0fa51070192fdacc3327362c4d695caa57c983d1 8369ddadfce904f9c21b4996f4b972497756e126d3d6aa4439ec358d65a7dc95 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/appsdk.js	85 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/appsdk.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen50 Hash 2a2af074efc372340f470f17b2486084 afdaa5bfbd90b2f2f6c5617091601050b15d6697 a97a65ee85cfaf4a08966bb8a2451a4aa76e314292519ceb809d5c7c4ac24c11 Loading...

	wsv3cdn.audioeye.com/v2/scripts/loader.js?h=52efded7263d54aeb85806644ce63802&lang=en&cb=3fa2a6d	48 kB	2023-06-06	2023-06-07
Pretty URL wsv3cdn.audioeye.com/v2/scripts/loader.js?h=52efded7263d54aeb85806644ce63802&lang=en&cb=3fa2a6d IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-06 23:36:24 Last Seen2023-06-07 02:35:49 Times Seen4 Hash 51a1a8e899e1533bf36e1a76d2d6cf81 33f2a3dbd887a67aed6f6052986c60beb093940d a4038c123f91d8b6f5e25752da8c079443758863b2935a8a7ec12017ccfa4d9a Loading...

	online.adp.com/nnlappsdk-8.0.0/js/iframe-metrics.js	2.3 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/iframe-metrics.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:23 Last Seen2024-01-16 08:51:23 Times Seen45 Hash cf951ec270416f41a201fdde1d26bee2 0f19321d1e0a6090c5b91725b8e00080d9faca98 b1cbd3b872e492b90099bdbc53982c3fa93f323f9f4c604ecab9a681fa91dd83 Loading...

	online.adp.com/nnlappsdk-8.0.0/webjars/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL online.adp.com/nnlappsdk-8.0.0/webjars/jquery/3.5.1/jquery.min.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 18:05:26 Times Seen139149 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	online.adp.com/nnlappsdk-8.0.0/js/iframe-default.js	5.2 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/iframe-default.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen48 Hash 2bb90732fa2b49e1bc7e343b94930dbd a1382d0ce61fdd76e984478ab967526a36f76fac a7a98aa232013d4af06b300c0c53346e65cd695997e2cbaedd48bd7308593d79 Loading...

	wsv3cdn.audioeye.com/helpers-remediations/Forms.js	1.5 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Forms.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash 03bb9667f6ec569a9644623230678626 13277c00bd820d19986459075bbafb099278eca3 1f75e734cce8af7c7edbd2f621aa19e03755b04a6ea87ca0282ffafa52ac31b3 Loading...

	static.adp.com/static/redbox/one-login-bootstrap.js?66	80 B	2023-03-08	2024-04-15
Pretty URL static.adp.com/static/redbox/one-login-bootstrap.js?66 IP 54.230.111.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:47:52 Last Seen2024-04-15 14:22:48 Times Seen32 Hash 61c2877e5bea56239c35fae61a8025a1 b6196c53a9af355ae1fd0a95d1f53c59b8fa28d8 9eccb24d9c1974d89ce4e3a0d2ebb787e4a1fb695b2df4a87fc85274eda9f762 Loading...

	online.adp.com/nnlappsdk-8.0.0/js/fido-client.js	14 kB	2023-03-07	2024-01-16
Pretty URL online.adp.com/nnlappsdk-8.0.0/js/fido-client.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:22 Last Seen2024-01-16 08:51:23 Times Seen50 Hash 02e4d35d34a678a3232e7db9f0d089f2 38dd665f81728019bb8dc6023cac6f7adfeee011 7048a11bb2082fbf680eb178bc95775f7ec7aa21c2b42674c92a74fe9f881683 Loading...

	wsv3cdn.audioeye.com/helpers-remediations/Headings.js	1.3 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Headings.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash 665281e9c9ce9e7924fdc90f0b1f3650 2418ff8f93ec7de955ca523992373f3b50d0f072 eae181544668add561597cbe400f0fb721a398d2607195aa2bfdccb43d06b4fa Loading...

	wsv3cdn.audioeye.com/v2/build/jquery.bundle.3fa2a6d.js	98 kB	2023-05-31	2023-06-07
Pretty URL wsv3cdn.audioeye.com/v2/build/jquery.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 06:57:33 Last Seen2023-06-07 17:10:12 Times Seen26 Hash fbe19b3a25d77d4d91cc814a4bbaafc3 a10efc6366f50e12d8bb8c5ed63d715ea336c4b1 53d069da8337276be9c84dde27cb0107ded9a2e71632f4ad1ec22e201a032757 Loading...

	online.adp.com/nnlappsdk-8.0.0/webjars/requirejs/2.3.6/require.js	86 kB	2023-03-07	2024-04-07
Pretty URL online.adp.com/nnlappsdk-8.0.0/webjars/requirejs/2.3.6/require.js IP 52.44.46.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-04-07 18:39:59 Times Seen189 Hash f0cc8bbb2fcef87fc194fecbb632fcfa 33bc97e78f4905e72b4c1eb2ca0a4662588443e3 9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b Loading...

	wsv3cdn.audioeye.com/helpers-remediations/Links_Buttons.js	1.8 kB	2023-05-14	2023-06-07
Pretty URL wsv3cdn.audioeye.com/helpers-remediations/Links_Buttons.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 02:52:44 Last Seen2023-06-07 02:35:49 Times Seen13 Hash 65db5c7f7efe748ef913fa46118b3733 db8f005b8eb79bdb1b398e162cd8c92f243de0d7 8263001d326c6b8f0a7c318ad4e43522263013e3284dc3c6c9a003dd6ce6a592 Loading...

	wsv3cdn.audioeye.com/bootstrap.js?d=adpusa.zyns.com	44 kB	2023-05-30	2023-06-07
Pretty URL wsv3cdn.audioeye.com/bootstrap.js?d=adpusa.zyns.com IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 21:35:45 Last Seen2023-06-07 02:35:49 Times Seen7 Hash 4b3e140220aa284b0af8d8cb46fafc9e 7b71fc525f31861f562a7cc637ad37b813297cc5 9f1dcc38ed25396ea90bb2e2e38b90264160307910f85b182963be43b5de8b48 Loading...

	wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3fa2a6d	0 B	2023-03-07	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3fa2a6d IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:17:29 Times Seen37069251 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	wsv3cdn.audioeye.com/v2/build/5121.bundle.3fa2a6d.js	382 B	2023-03-09	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/build/5121.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:18 Last Seen2024-04-25 00:12:29 Times Seen916 Hash 6fdd0151ab6aeea9275d363e8370b823 3dbd98dc4746f1a2e98817ecae728d7e8d0dd06f 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e Loading...

	wsv3cdn.audioeye.com/v2/build/compliance.bundle.3fa2a6d.js	155 kB	2023-06-01	2023-06-07
Pretty URL wsv3cdn.audioeye.com/v2/build/compliance.bundle.3fa2a6d.js IP 172.64.151.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 13:04:26 Last Seen2023-06-07 17:10:13 Times Seen28 Hash f16e6b8dabb9bc7ea85c0b810fd5ed82 6cf07ba187c390508cb58ce4e24691b441061117 ddc8364ca31b4f6af7699f76df0cf6ed4b34e8c2ffd8776b62b847d5ee8c4d41 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c060a8542d5fab6e9e10ced895e7e8dd	1.0 kB	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen16 Hash c060a8542d5fab6e9e10ced895e7e8dd 01795aaefacc34085027b7ded7295903b1ae1f27 28ae10c73c2f210c3c39d20de63c4ef3db0e7b3f34c7d4bbe8293683e2e7d857 Loading...

	#2 Eval - 0b224782ef0babdceacbd2b58b1761e2	723 B	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen16 Hash 0b224782ef0babdceacbd2b58b1761e2 0886566a0c0e72eb74b320696a67db919a33a8bd c10d2e9ac5e854c7fb1adae16658fe31dbcbd216691f7925c0d27bcf355281ac Loading...

	#3 Eval - 35809d5387368891e37b2acdc9bbdf2d	1.2 kB	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 35809d5387368891e37b2acdc9bbdf2d e079251fec84ff5ff01cc5c90a34e0cd4ee9ee1d 44d50090fecadfa686ca96ebb05622372ad1168f2cd2b4e44d0d5b7dd2e8f9ba Loading...

	#4 Eval - 281122e02aa48217ba98b13e29462ce5	802 B	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 281122e02aa48217ba98b13e29462ce5 bd42260655cb59f9f90cc26ba5864eb63b809573 e448fc0b25c800542373fabb36359933f2115160cdbb96be7530d83ca7a10a06 Loading...

	#5 Eval - 3d4443186f4b321e7f3be54798a537c3	748 B	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 3d4443186f4b321e7f3be54798a537c3 bb741ed2b0962d3411511839746033662f2ad0e4 74804f71235dba5e0e829e19753b860cc0c70805edef46a15fdeb729546eef9c Loading...

	#6 Eval - 5e3eca4928505544ba2adc2a2b6df5e0	704 B	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 5e3eca4928505544ba2adc2a2b6df5e0 9a9bd1e23780967ce59f71efccef46c5e1c2c48c 1555ef6512fa0667c3af48c3684cbbee57e4dfc1f913326e6d7cd07f4727d5dc Loading...

	#7 Eval - 8acaf01506f3b87977848a0b15441e7b	7.0 kB	2023-03-12	2023-06-07
Pretty Observations First Seen2023-03-12 11:32:05 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 8acaf01506f3b87977848a0b15441e7b 064439e96db2c1d541a76bd572cb6ef05074d607 f1ba33557ff92c7cb3596f6ca52f56faafe0a0615f64dc10a6fa1e303eecc2cc Loading...

	#8 Eval - 44e4a9d9bf08ddc97fdb8be2af639947	9.8 kB	2023-03-09	2023-06-07
Pretty Observations First Seen2023-03-09 04:56:56 Last Seen2023-06-07 02:35:49 Times Seen17 Hash 44e4a9d9bf08ddc97fdb8be2af639947 924dfbe511f9c57f6d7d9de4ad2574507f4f6909 6a4e613d2366985f39b08ecba109fde9bea9b2ebc66dfd20235cab67195400e3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1cde88864b654c56c2d9e5bfd63da015	201 B	2023-06-07	2023-06-07
Pretty Observations First Seen2023-06-07 02:35:49 Last Seen2023-06-07 02:35:49 Times Seen1 Hash 1cde88864b654c56c2d9e5bfd63da015 c78de355563743a35e1e9331f036b0155b3f1a33 ebcfbabf675a6b5059428b3d9f19fd15954c1e05e38b5d0b8b3adc4283a3df23 Loading...

HTTP Transactions (67)

URL IP Response Size

adpusa.zyns.com/

15.204.162.181

301 Moved Permanently

707 B

URL User Request GET HTTP/2
adpusa.zyns.com/
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET / HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:27 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

adpusa.zyns.com/ADP/favicon.ico

15.204.162.181

200 OK

5.4 kB

URL GET HTTP/3
adpusa.zyns.com/ADP/favicon.ico
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
MS Windows icon resource - 1 icon, -92x80, 32 bits/pixel\012- data
Size
5.4 kB (5423 bytes)
Hash
3a51c47e8b514b2bd166f2fbcf20aee2
210bd4452d936470c11cdc6f408c805b2965f90d
78f3744a1ee3a56bd1fc50e8be527b31f471df522d7e71610cabfbf8becfcbdd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /ADP/favicon.ico HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Jun 2023 00:35:28 GMT
content-type: image/x-icon
last-modified: Sun, 27 Mar 2022 00:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5423
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

adpusa.zyns.com/static/media/us.ae656592.svg

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/us.ae656592.svg
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/us.ae656592.svg HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/js/2.430e61cd.chunk.js

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/js/2.430e61cd.chunk.js
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/js/2.430e61cd.chunk.js HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/js/main.837a2703.chunk.js

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/js/main.837a2703.chunk.js
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/js/main.837a2703.chunk.js HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-light.971655af.woff2

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-light.971655af.woff2
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-light.971655af.woff2 HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-regular.6762c74d.woff2

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-regular.6762c74d.woff2
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-regular.6762c74d.woff2 HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-semibold.003d2f25.woff2

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-semibold.003d2f25.woff2
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-semibold.003d2f25.woff2 HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-bold.068f05f5.woff2

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-bold.068f05f5.woff2
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-bold.068f05f5.woff2 HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c

172.64.151.222

404 Not Found

29 B

URL GET HTTP/2
wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
e8eacfe6d5c10c70b79875a1e49e70f4
406e1c098ed111fe1e5eb5aed29fbb3e5ab27163
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

HTTP Headers

GET /build/startup.bundle.js?cb=fc8000c HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0b53fae0b41-OSL
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/build/jquery.bundle.js?cb=fc8000c

172.64.151.222

404 Not Found

29 B

URL GET HTTP/2
wsv3cdn.audioeye.com/build/jquery.bundle.js?cb=fc8000c
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
e8eacfe6d5c10c70b79875a1e49e70f4
406e1c098ed111fe1e5eb5aed29fbb3e5ab27163
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

HTTP Headers

GET /build/jquery.bundle.js?cb=fc8000c HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0b53fab0b41-OSL
X-Firefox-Spdy: h2

static.adp.com/static/redbox/one-login-bootstrap.js?66

54.230.111.77

200 OK

80 B

URL GET HTTP/2
static.adp.com/static/redbox/one-login-bootstrap.js?66
IP
54.230.111.77:443
ASN
#16509 AMAZON-02

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectmyadp-static.adp.com
Fingerprint8F:DB:AE:63:3B:96:A6:4E:88:39:E8:95:7B:23:5E:62:54:F5:73:C8
ValidityFri, 19 Aug 2022 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT

File type
ASCII text
Size
80 B (80 bytes)
Hash
61c2877e5bea56239c35fae61a8025a1
b6196c53a9af355ae1fd0a95d1f53c59b8fa28d8
9eccb24d9c1974d89ce4e3a0d2ebb787e4a1fb695b2df4a87fc85274eda9f762

HTTP Headers

GET /static/redbox/one-login-bootstrap.js?66 HTTP/1.1
Host: static.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 80
last-modified: Wed, 24 May 2023 03:11:23 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Jun 2023 00:35:28 GMT
cache-control: max-age=600,public
etag: "61c2877e5bea56239c35fae61a8025a1"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w1yQsH1QyX-XXLO__EcoL6PdkkyVNfAAeM5ke8ljbG5iBlEmnyhdsg==
age: 253
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=staging

3.208.149.104

302 Found

189 B

URL GET HTTP/2
www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=staging
IP
3.208.149.104:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subject*.glancecdn.net
Fingerprint39:C5:84:26:01:E7:91:9A:1D:F8:E5:9E:8F:94:90:38:81:CA:B4:32
ValidityThu, 25 May 2023 00:00:00 GMT - Thu, 13 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
189 B (189 bytes)
Hash
78fc9e5216a5f79c30f856d0156b7fe5
d1fb524467f7f76f32e0040b9d87beb8fa3d4d34
1e4e2f59c13f835d42bfe8150b4c9d8c69c369ac947a8534743e01522333884d

HTTP Headers

GET /cobrowse/CobrowseJS.ashx?group=20820&site=staging HTTP/1.1
Host: www.glancecdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: text/html; charset=utf-8
content-length: 189
location: https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js
cache-control: max-age=3600
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=production

3.208.149.104

302 Found

189 B

URL GET HTTP/2
www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=20820&site=production
IP
3.208.149.104:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subject*.glancecdn.net
Fingerprint39:C5:84:26:01:E7:91:9A:1D:F8:E5:9E:8F:94:90:38:81:CA:B4:32
ValidityThu, 25 May 2023 00:00:00 GMT - Thu, 13 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
189 B (189 bytes)
Hash
78fc9e5216a5f79c30f856d0156b7fe5
d1fb524467f7f76f32e0040b9d87beb8fa3d4d34
1e4e2f59c13f835d42bfe8150b4c9d8c69c369ac947a8534743e01522333884d

HTTP Headers

GET /cobrowse/CobrowseJS.ashx?group=20820&site=production HTTP/1.1
Host: www.glancecdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: text/html; charset=utf-8
content-length: 189
location: https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js
cache-control: max-age=3600
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

adpusa.zyns.com/static/media/proximanova-regular.40c4c207.woff

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-regular.40c4c207.woff
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-regular.40c4c207.woff HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-semibold.e29fe11b.woff

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-semibold.e29fe11b.woff
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-semibold.e29fe11b.woff HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-light.1665eb88.woff

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-light.1665eb88.woff
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-light.1665eb88.woff HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

adpusa.zyns.com/static/media/proximanova-bold.6bce1cc1.woff

15.204.162.181

301 Moved Permanently

707 B

URL GET HTTP/3
adpusa.zyns.com/static/media/proximanova-bold.6bce1cc1.woff
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /static/media/proximanova-bold.6bce1cc1.woff HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/ADP/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed
location: https://adpusa.zyns.com/ADP/
vary: User-Agent

online.adp.com/api/brand-service/v1/brands/image?productId=rdbx&imageId=poweredByADP-red.png

52.44.46.192

200 OK

6.4 kB

URL GET HTTP/1.1
online.adp.com/api/brand-service/v1/brands/image?productId=rdbx&imageId=poweredByADP-red.png
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
PNG image data, 165 x 111, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6381 bytes)
Hash
22f3f282f70e1e0f18a33c413b65da38
8d851ca48cf7b4dd4b87a4c06be30d86ac47cec0
cc087288a715d6c362464c2fa39eecf1a0be6687aa077d623f89bccd11302d93

HTTP Headers

GET /api/brand-service/v1/brands/image?productId=rdbx&imageId=poweredByADP-red.png HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: image/png
content-length: 6381
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
etag: W/"18ed-jYUcpIz3tN1Lh6TAa+MNhqxHzsA"

wsv3cdn.audioeye.com/scripts/loader.js?d=online.adp.com&lang=en&cb=fc8000c

172.64.151.222

404 Not Found

29 B

URL GET HTTP/2
wsv3cdn.audioeye.com/scripts/loader.js?d=online.adp.com&lang=en&cb=fc8000c
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
e8eacfe6d5c10c70b79875a1e49e70f4
406e1c098ed111fe1e5eb5aed29fbb3e5ab27163
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

HTTP Headers

GET /scripts/loader.js?d=online.adp.com&lang=en&cb=fc8000c HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adpusa.zyns.com
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0b539d6b500-OSL
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/iframe.jsp

52.44.46.192

200

542 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/iframe.jsp
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
542 B (542 bytes)
Hash
26f243397761314538051531e259145a
f1e66029c90dac18f07522032507da7b2af1972b
561b744bfd7622a94d4bbb21dbc9154a9a636e0aab8e19a9fe6f6f04e10a300a

HTTP Headers

GET /nnlappsdk-8.0.0/iframe.jsp HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: text/html;charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
expires: Thu, 02 Dec 2017 06:41:12 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/appsdk.js

52.44.46.192

200

26 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/appsdk.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
26 kB (25945 bytes)
Hash
2a2af074efc372340f470f17b2486084
afdaa5bfbd90b2f2f6c5617091601050b15d6697
a97a65ee85cfaf4a08966bb8a2451a4aa76e314292519ceb809d5c7c4ac24c11

HTTP Headers

GET /nnlappsdk-8.0.0/js/appsdk.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"85434-1684040421205"
last-modified: Sun, 14 May 2023 05:00:21 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/build/jquery.bundle.js?cb=fc8000c

172.64.151.222

404 Not Found

29 B

URL GET HTTP/2
wsv3cdn.audioeye.com/build/jquery.bundle.js?cb=fc8000c
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
e8eacfe6d5c10c70b79875a1e49e70f4
406e1c098ed111fe1e5eb5aed29fbb3e5ab27163
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

HTTP Headers

GET /build/jquery.bundle.js?cb=fc8000c HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0ba49310b41-OSL
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c

172.64.151.222

404 Not Found

29 B

URL GET HTTP/2
wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
e8eacfe6d5c10c70b79875a1e49e70f4
406e1c098ed111fe1e5eb5aed29fbb3e5ab27163
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

HTTP Headers

GET /build/startup.bundle.js?cb=fc8000c HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0ba894f0b41-OSL
X-Firefox-Spdy: h2

online.adp.com/api/brand-service/v1/brands/image?productId=rdbx&imageId=background.jpg

52.44.46.192

200 OK

90 kB

URL GET HTTP/1.1
online.adp.com/api/brand-service/v1/brands/image?productId=rdbx&imageId=background.jpg
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2300x1528, components 3\012- data
Size
90 kB (89727 bytes)
Hash
845b193465b4329d5ababe4bb25265a3
6ddbad901b2057c32587a927b43b9a414a70b7af
88f6d5721640f988d73b7c754170fc9767c42433ead2fed06b89a643a86c9df5

HTTP Headers

GET /api/brand-service/v1/brands/image?productId=rdbx&imageId=background.jpg HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: image/jpeg
content-length: 89727
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
etag: W/"15e7f-bdutkBsgV8Mlh6kntDuaQUpwt68"

adpusa.zyns.com/ADP/

15.204.162.181

200 OK

43 kB

URL GET HTTP/3
adpusa.zyns.com/ADP/
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65065)
Size
43 kB (42672 bytes)
Hash
0d06099bf2b426a3e599219eb64d4843
3cbb3c501c48201124676b409d367ad05dca73a5
c5f90d59ca5f8dbcc13459182189991557fb2ae88954dac8a9f3404c380d56d8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /ADP/ HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/ADP/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed

online.adp.com/nnlappsdk-8.0.0/js/iframe-utils.js

52.44.46.192

200

1.5 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/iframe-utils.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
1.5 kB (1460 bytes)
Hash
259aeb186aa05c103234b9345d73ed03
a2ec5001287dd858710ce122f15e9ea23b67964f
53de306f72aa849f2d27dabfd06e389531714e81b3ebcf99e57e36e7a4a17b0a

HTTP Headers

GET /nnlappsdk-8.0.0/js/iframe-utils.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"4020-1684040499651"
last-modified: Sun, 14 May 2023 05:01:39 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/iframe-metrics.js

52.44.46.192

200

768 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/iframe-metrics.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
cf951ec270416f41a201fdde1d26bee2
0f19321d1e0a6090c5b91725b8e00080d9faca98
b1cbd3b872e492b90099bdbc53982c3fa93f323f9f4c604ecab9a681fa91dd83

HTTP Headers

GET /nnlappsdk-8.0.0/js/iframe-metrics.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"2324-1684040446017"
last-modified: Sun, 14 May 2023 05:00:46 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/v2/build/startup.bundle.3fa2a6d.js

172.64.151.222

200 OK

118 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/startup.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65456)
Size
118 kB (118288 bytes)
Hash
3a536ebdff5546f7668b191d2cad86ec
95fc2797c6f960c0bda23710ec965b1ebc191533
37421f0ae4fd5dd45e8d2c6eb15d857acc32c2f5fa0f6d3e358425030207b5c5

HTTP Headers

GET /v2/build/startup.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-6b180"
access-control-allow-origin: *
cf-cache-status: HIT
age: 3305
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0ba49350b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/js/oob-rest.js

52.44.46.192

200

509 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/oob-rest.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
509 B (509 bytes)
Hash
366bd0d5783f61467031761bc8c1e3e9
be57d5024dc8f1371c77233c590ca3357adce52b
732f670be4b46c6729e3cdbfc07d89b10a6b234cdb7b74755fd241bcecc9ad00

HTTP Headers

GET /nnlappsdk-8.0.0/js/oob-rest.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"1681-1684040460591"
last-modified: Sun, 14 May 2023 05:01:00 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/iframe-custom.js

52.44.46.192

200

4.2 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/iframe-custom.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
4.2 kB (4235 bytes)
Hash
55261943568e6e64f2763efda82a079d
b414e19b876673991bfbe53ad27d10b7a95a8998
efdf415e3de9743705cf9748790543d1c83f81f983d21f7be809d54e39d78e99

HTTP Headers

GET /nnlappsdk-8.0.0/js/iframe-custom.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"23349-1684040500323"
last-modified: Sun, 14 May 2023 05:01:40 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/utils.js

52.44.46.192

200

14 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/utils.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
14 kB (14366 bytes)
Hash
2fa68dd31178e0e1bd50b71382d5e6da
7df9c9f260ac6f071e969a8e94abbbfee2f788b9
83cf0d21c234f01006ec7e1831508eea0cbb80584971ded5b962dd4267f2665c

HTTP Headers

GET /nnlappsdk-8.0.0/js/utils.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"46639-1684040461329"
last-modified: Sun, 14 May 2023 05:01:01 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/webjars/jquery/3.5.1/jquery.min.js

52.44.46.192

200

37 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/webjars/jquery/3.5.1/jquery.min.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
37 kB (36779 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /nnlappsdk-8.0.0/webjars/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"89476-1588743154000"
last-modified: Wed, 06 May 2020 05:32:34 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/v2/build/smartrems.bundle.3fa2a6d.js

172.64.151.222

200 OK

46 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/smartrems.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
46 kB (45764 bytes)
Hash
f0a859cccda636fbd13cb4f927e0af5a
4fc37f012a6837e8de99d1aa240803c9e0f39ddb
d2ea3138e5edee8cd1f9b5fafcd394ed6aef1a1fbe037e8f379ba198f08f883c

HTTP Headers

GET /v2/build/smartrems.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-21d5a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2978
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bcb9f40b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/js/iframe-default.js

52.44.46.192

200

1.8 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/iframe-default.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1814 bytes)
Hash
2bb90732fa2b49e1bc7e343b94930dbd
a1382d0ce61fdd76e984478ab967526a36f76fac
a7a98aa232013d4af06b300c0c53346e65cd695997e2cbaedd48bd7308593d79

HTTP Headers

GET /nnlappsdk-8.0.0/js/iframe-default.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"5223-1684040400555"
last-modified: Sun, 14 May 2023 05:00:00 GMT
content-encoding: gzip

adpusa.zyns.com/ADP/

15.204.162.181

200 OK

66 kB

URL GET HTTP/3
adpusa.zyns.com/ADP/
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65065)
Size
66 kB (65877 bytes)
Hash
0d06099bf2b426a3e599219eb64d4843
3cbb3c501c48201124676b409d367ad05dca73a5
c5f90d59ca5f8dbcc13459182189991557fb2ae88954dac8a9f3404c380d56d8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /ADP/ HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/ADP/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 Jun 2023 00:35:29 GMT
server: LiteSpeed

online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AECrQpOIAQAAbm0B19-zOoywpvusSchb6JggxNPo9HnixoYw5vgjKz7P0L3K&X-zuY25QsG--z=q

52.44.46.192

200 OK

140 kB

URL GET HTTP/1.1
online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AECrQpOIAQAAbm0B19-zOoywpvusSchb6JggxNPo9HnixoYw5vgjKz7P0L3K&X-zuY25QsG--z=q
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (139667 bytes)
Hash
d231ded6214ccb2706325aa46e0ce53e
0eb4d6181ef415bed90d918c8ef2afe4a8cfd776
ed874f496348dc08c0e4b57dbbf4e78186f56e2fc807ab6a457f75183e6ebe61

HTTP Headers

GET /inc/js/lib/6a8f894227f41759348779077d1e5851.js?cache=AECrQpOIAQAAbm0B19-zOoywpvusSchb6JggxNPo9HnixoYw5vgjKz7P0L3K&X-zuY25QsG--z=q HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
x-ion-hop: 1
cache-control: public, max-age=3600, immutable
content-encoding: gzip
set-cookie: k8Ksj346=A22yR5OIAQAAYW6izr4Fx8FCJvLltox32ph5YwjZD2f_PUjmTO2TgKKkIRNZAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|0f9e383b6fc11e39cd643b9ba11c411fa7a7ff62; Path=/; Max-Age=1577847600; Domain=adp.com

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b97c69e31c9d64eeb7298e7e634f6a14
ca8c790ce03d14d8f26b52c7cafab8d2c4ee4842
ef4643f21e12aff4af992efbfe437dfd27b8fa462a6fba0dd7af5ab8d708f6a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 07 Jun 2023 00:35:29 GMT
Last-Modified: Wed, 07 Jun 2023 00:13:41 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SVvqqn1hlz33D9vgqH53a4Yk3RTZGXM27DPj1ZOyeCYWVuhg-cRhWA==
Age: 1308

analytics.audioeye.com/air/v0/send

44.232.191.118

200 OK

0 B

URL POST HTTP/2
analytics.audioeye.com/air/v0/send
IP
44.232.191.118:443
ASN
#16509 AMAZON-02

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerAmazon
Subjectreport-prod.audioeye.com
Fingerprint9F:82:18:0B:5E:60:CF:4C:82:20:29:CF:EC:BB:B2:2D:FE:E7:A9:65
ValidityMon, 17 Oct 2022 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /air/v0/send HTTP/1.1
Host: analytics.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 224
Origin: https://adpusa.zyns.com
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:30 GMT
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/js/iframe.js

52.44.46.192

200

1.4 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/iframe.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
1.4 kB (1414 bytes)
Hash
0337a75dfc6d3b2e627f07e28f147188
33dc708871acc5381e6117609bcfc7696e96e0e0
d2bab07b33afe2692c6b2159484c4e2f34d4f03c4b2b0dd50ea6e162093ec60d

HTTP Headers

GET /nnlappsdk-8.0.0/js/iframe.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"3503-1684040491798"
last-modified: Sun, 14 May 2023 05:01:31 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/metrics.js

52.44.46.192

200

4.3 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/metrics.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
4.3 kB (4342 bytes)
Hash
ff874142e466218a1d077e897bc015a7
d125a0feae91d3311cdec52971be93d37ca97245
5594a1b411141c05793e9cd1ed3e1f31ffd94275ff277463f2d25619c1b3b577

HTTP Headers

GET /nnlappsdk-8.0.0/js/metrics.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"14765-1684040397736"
last-modified: Sun, 14 May 2023 04:59:57 GMT
content-encoding: gzip

adpusa.zyns.com/ADP/

15.204.162.181

200 OK

42 kB

URL GET HTTP/3
adpusa.zyns.com/ADP/
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65065)
Size
42 kB (42133 bytes)
Hash
0d06099bf2b426a3e599219eb64d4843
3cbb3c501c48201124676b409d367ad05dca73a5
c5f90d59ca5f8dbcc13459182189991557fb2ae88954dac8a9f3404c380d56d8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /ADP/ HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/ADP/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed

online.adp.com/nnlappsdk-8.0.0/html/utils.html

52.44.46.192

200

167 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/html/utils.html
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
a838af9c285a9c9cbd5ef90e01771555
7d0b7a18cf471111ede9e83e48ebcdb52f8b817b
ef6b344e451f4668d4fdea28b99a8b6fd9a6f0408c6a9af126d57a96372ae1a3

HTTP Headers

GET /nnlappsdk-8.0.0/html/utils.html HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: text/html
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"301-1684040366137"
last-modified: Sun, 14 May 2023 04:59:26 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/fido-client.js

52.44.46.192

200

4.8 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/fido-client.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
4.8 kB (4781 bytes)
Hash
02e4d35d34a678a3232e7db9f0d089f2
38dd665f81728019bb8dc6023cac6f7adfeee011
7048a11bb2082fbf680eb178bc95775f7ec7aa21c2b42674c92a74fe9f881683

HTTP Headers

GET /nnlappsdk-8.0.0/js/fido-client.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"14338-1684040397736"
last-modified: Sun, 14 May 2023 04:59:57 GMT
content-encoding: gzip

adpusa.zyns.com/ADP/

15.204.162.181

200 OK

42 kB

URL GET HTTP/3
adpusa.zyns.com/ADP/
IP
15.204.162.181:443
ASN
#16276 OVH SAS

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerLet's Encrypt
Subjectadpusa.zyns.com
Fingerprint43:A7:11:68:AB:B9:40:C1:1F:55:45:06:5A:23:27:80:18:44:5C:DC
ValidityMon, 05 Jun 2023 10:45:18 GMT - Sun, 03 Sep 2023 10:45:17 GMT

File type
data
Size
42 kB (41596 bytes)
Hash
afbdc1a44c5a6619c679dd1e48f99a65
09b08b91aef43ed53a9e28738f7f7a47b712c31a
f305123fdfa6cd3083daac3ad12b9155f202487bf34efeed24455c1d907361e8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	ADP, LLC

HTTP Headers

GET /ADP/ HTTP/1.1
Host: adpusa.zyns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/ADP/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 Jun 2023 00:35:28 GMT
server: LiteSpeed

online.adp.com/nnlappsdk-8.0.0/js/outcome.js

52.44.46.192

200

3.5 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/outcome.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
3.5 kB (3505 bytes)
Hash
dacf5d5435e1eecdf4f7a0249f1cd9d9
0ac1ffea5491d186f9fb0ca2741853a90a96c135
fab34c78013b28d87cb8a83d66389feb49a7fc130858052fb6fefd651a42b86d

HTTP Headers

GET /nnlappsdk-8.0.0/js/outcome.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"14315-1684040491798"
last-modified: Sun, 14 May 2023 05:01:31 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/html/registrations-list-ui.html

52.44.46.192

200

614 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/html/registrations-list-ui.html
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
614 B (614 bytes)
Hash
83ebbcfd719a1a1f88ea04f85e49ed2c
0a2f7f433d0dad9a58a4e7b231e25562ad9f69c3
9e9dda76315ea6af57e9cc6bb07fdcf7ed85c21444d7cea0b5cd8e410563577e

HTTP Headers

GET /nnlappsdk-8.0.0/html/registrations-list-ui.html HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: text/html
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"2037-1684040461217"
last-modified: Sun, 14 May 2023 05:01:01 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/js/fido-method-ui.js

52.44.46.192

200

2.0 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/fido-method-ui.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (2036 bytes)
Hash
ed83ac799d7f19d00a3c3aa06f6a2ebb
096b4da8575059615bc03b41ce34e93c45438c24
fa7c822a259928fe475d30a98e2aabc6a98a25167b28693322cee38184dc136d

HTTP Headers

GET /nnlappsdk-8.0.0/js/fido-method-ui.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"5897-1684040421209"
last-modified: Sun, 14 May 2023 05:00:21 GMT
content-encoding: gzip

online.adp.com/nnlappsdk-8.0.0/html/oob-ui.html

52.44.46.192

200

270 B

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/html/oob-ui.html
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
270 B (270 bytes)
Hash
6e7ba6e1c23d33906268702d4a7bdceb
04bfd01003080f0dbeb697c664a96a9a486e589f
7b4b68b4473eb1f35e6c9fcb026374eec26010a24f050d0d140ea6f328cb5fb9

HTTP Headers

GET /nnlappsdk-8.0.0/html/oob-ui.html HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: text/html
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"639-1684040460563"
last-modified: Sun, 14 May 2023 05:01:00 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/v2/build/jquery.bundle.3fa2a6d.js

172.64.151.222

200 OK

98 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/jquery.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
98 kB (97674 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/build/jquery.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-17d8a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 3305
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0ba49340b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/5121.bundle.3fa2a6d.js

172.64.151.222

200 OK

382 B

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/5121.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (400), with no line terminators
Size
382 B (382 bytes)
Hash
9e8cec962bcd8aada36d3cbce5c27cea
82d30c3b3e578d02ac706ec60b2a112970a04379
40c8f477fc470603f0a453ff081d1a545b6954e372c2880ae338092157f31d3e

HTTP Headers

GET /v2/build/5121.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-17e"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2985
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bd2a200b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/css/nnlsdk.css

52.44.46.192

200

8.5 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/css/nnlsdk.css
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (9566), with no line terminators
Size
8.5 kB (8503 bytes)
Hash
55bc366c87c32d6b441bea05a586a5e2
becb8bd3fe843bac75e88067a06eac609a87487a
9062431ecdac24255e2daa70619a78feee04e9961649a78c423c0c68e2f1bc6c

HTTP Headers

GET /nnlappsdk-8.0.0/css/nnlsdk.css HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: text/css
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
etag: W/"8503-1684040441767"
last-modified: Sun, 14 May 2023 05:00:41 GMT
content-encoding: gzip

storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js

54.230.111.114

200 OK

12 kB

URL GET HTTP/2
storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js
IP
54.230.111.114:443
ASN
#16509 AMAZON-02

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subject*.glancecdn.net
Fingerprint39:C5:84:26:01:E7:91:9A:1D:F8:E5:9E:8F:94:90:38:81:CA:B4:32
ValidityThu, 25 May 2023 00:00:00 GMT - Thu, 13 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (930)
Size
12 kB (11832 bytes)
Hash
cae412f433319b367d836e9d18942301
3d37b9db080ffe39c5467cf3542158bedcf7a196
c419b9c22cfa6d7f0b5afcecd7f1c6c6506d4371d6a78de03a1d6ffb86df7b65

HTTP Headers

GET /cobrowse/js/GlanceCobrowseLoader_5.8.2M.js HTTP/1.1
Host: storage.glancecdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 26 Jan 2023 09:51:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: COMPLETED
last-modified: Thu, 10 Nov 2022 17:11:08 GMT
etag: W/"cae412f433319b367d836e9d18942301"
cache-control: public, max-age=31556926
x-amz-version-id: B45UBg74pvAM1foKHXz9OuqrFmgTdOw0
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XTimfDF4qw5IAzKkExDo-2Gn0sqgyNHt7xkm32I1wsdiX5PlVlo7MA==
age: 11371417
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/compliance.bundle.3fa2a6d.js

172.64.151.222

200 OK

155 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/compliance.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
155 kB (154690 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/build/compliance.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:32 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-25c42"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2978
expires: Thu, 06 Jun 2024 00:35:32 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0cfdfda0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3fa2a6d

172.64.151.222

200 OK

92 B

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3fa2a6d
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
92 B (92 bytes)
Hash
b89ed9eb03721fd0b4336ef9e5a79cc4
0b045adfefcc9ac8c0ab2d0715fe6a46558ee687
07f3f7f99cd18fe116fdc53b0e9f024b8835ae854ad836e050ae9c2ea8e13a18

HTTP Headers

GET /v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3fa2a6d HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=365000000, immutable
last-modified: Tue, 30 May 2023 17:21:20 GMT
cf-cache-status: HIT
age: 630817
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bd1a140b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/scripts/loader.js?h=52efded7263d54aeb85806644ce63802&lang=en&cb=3fa2a6d

172.64.151.222

200 OK

48 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/scripts/loader.js?h=52efded7263d54aeb85806644ce63802&lang=en&cb=3fa2a6d
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (27861)
Size
48 kB (48269 bytes)
Hash
51a1a8e899e1533bf36e1a76d2d6cf81
33f2a3dbd887a67aed6f6052986c60beb093940d
a4038c123f91d8b6f5e25752da8c079443758863b2935a8a7ec12017ccfa4d9a

HTTP Headers

GET /v2/scripts/loader.js?h=52efded7263d54aeb85806644ce63802&lang=en&cb=3fa2a6d HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adpusa.zyns.com
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
surrogate-key: prod 52efded7263d54aeb85806644ce63802 3fa2a6d
last-modified: Tue, 06 Jun 2023 23:42:23 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0ba4cf1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/js/oob-ui.js

52.44.46.192

200

7.7 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/js/oob-ui.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8427), with no line terminators
Size
7.7 kB (7705 bytes)
Hash
f9f3ac4f34932f0be91c53ddb665d263
27b10ed890c0f488bb718b60a13ad815be10e155
1539d574956ef04b516208725ec0fdad8ae53dd28ddbcf46b1190d20cb80b905

HTTP Headers

GET /nnlappsdk-8.0.0/js/oob-ui.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"7705-1684040366181"
last-modified: Sun, 14 May 2023 04:59:26 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/v2/build/874.bundle.3fa2a6d.js

172.64.151.222

200 OK

193 B

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/874.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
193 B (193 bytes)
Hash
aec9cc058b42d8eba2f8448d937a0bd4
0d93fb7caa5e55742aedb8f0aaa1cc04d72a4bbd
716d1649f39cbd3dea0ebbff07036b4f6f59d6f2ab71f3ee1e91f54724e73f74

HTTP Headers

GET /v2/build/874.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-c1"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2984
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bd3a230b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

ws.audioeye.com/ae.js

172.64.151.222

200 OK

1.0 kB

URL GET HTTP/2
ws.audioeye.com/ae.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint41:85:5F:E6:C4:98:25:0E:56:4F:3D:90:D3:01:08:FF:AB:B0:2F:D5
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1068), with no line terminators
Size
1.0 kB (1020 bytes)
Hash
2183eb89ebc92535b3b5080d018f69e7
d664353a40b8439bfbdde04cf0bbcd84fc523a31
3c8ce21442faeae06843628c5619a00b6eb37397482baeb19e01bcf04be1954c

HTTP Headers

GET /ae.js HTTP/1.1
Host: ws.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
cache-control: max-age=3600
cache-tags: 
surrogate-keys: 
cf-cache-status: HIT
age: 197
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0b54ddc1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js

52.44.46.192

200 OK

1.0 kB

URL GET HTTP/1.1
online.adp.com/inc/js/lib/6a8f894227f41759348779077d1e5851.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1046), with no line terminators
Size
1.0 kB (1016 bytes)
Hash
f1725256a07fb21b53bbfcb19ffddff6
ed8fe98872fff511fa4dbf591b2eb142ed092819
f83593d0d8f9e5f4e638c99ba0877cb72439c94eea19c2c98b4afdd03ed640e4

HTTP Headers

GET /inc/js/lib/6a8f894227f41759348779077d1e5851.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
x-ion-hop: 1
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
set-cookie: k8Ksj346=A02xR5OIAQAAfWbW_WLdXYQ-Btli5xXUeiHCNQgrs6jL9JzR5BU63hvjtGGrAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|ec28b11216d2a3aa86a22c98be0c393c5076aeec; Path=/; Max-Age=1577847600; Domain=adp.com

wsv3cdn.audioeye.com/bootstrap.js?d=adpusa.zyns.com

172.64.151.222

200 OK

44 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/bootstrap.js?d=adpusa.zyns.com
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
44 kB (44451 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bootstrap.js?d=adpusa.zyns.com HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"4b3e140220aa284b0af8d8cb46fafc9e"
cache-control: max-age=120
cache-tags: adpusa.zyns.com
surrogate-keys: adpusa.zyns.com
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bb49830b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

ws.audioeye.com/ae.js

172.64.151.222

200 OK

1.0 kB

URL GET HTTP/2
ws.audioeye.com/ae.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint41:85:5F:E6:C4:98:25:0E:56:4F:3D:90:D3:01:08:FF:AB:B0:2F:D5
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1068), with no line terminators
Size
1.0 kB (1020 bytes)
Hash
2183eb89ebc92535b3b5080d018f69e7
d664353a40b8439bfbdde04cf0bbcd84fc523a31
3c8ce21442faeae06843628c5619a00b6eb37397482baeb19e01bcf04be1954c

HTTP Headers

GET /ae.js HTTP/1.1
Host: ws.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:30 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
cache-control: max-age=3600
cache-tags: 
surrogate-keys: 
cf-cache-status: HIT
age: 199
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0c1ba8e1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2

online.adp.com/nnlappsdk-8.0.0/webjars/requirejs/2.3.6/require.js

52.44.46.192

200

86 kB

URL GET HTTP/1.1
online.adp.com/nnlappsdk-8.0.0/webjars/requirejs/2.3.6/require.js
IP
52.44.46.192:443
ASN
#14618 AMAZON-AES

Requested by
https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Certificate
IssuerDigiCert Inc
Subjectonline.adp.com
FingerprintFA:71:B8:94:EE:F9:C9:EF:A8:C9:33:A1:DE:51:DC:43:22:E2:76:83
ValidityMon, 03 Oct 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
86 kB (86483 bytes)
Hash
f0cc8bbb2fcef87fc194fecbb632fcfa
33bc97e78f4905e72b4c1eb2ca0a4662588443e3
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b

HTTP Headers

GET /nnlappsdk-8.0.0/webjars/requirejs/2.3.6/require.js HTTP/1.1
Host: online.adp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://online.adp.com/nnlappsdk-8.0.0/iframe.jsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY
x-content-type-options: nosniff
etag: W/"86483-1542000072000"
last-modified: Mon, 12 Nov 2018 05:21:12 GMT
content-encoding: gzip

wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=

172.64.151.222

200 OK

1.1 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1208), with no line terminators
Size
1.1 kB (1122 bytes)
Hash
93597c5e9b26bf8b2fd7bb799ca459ea
2567e3f2bd8b1b8c0f7d6d9f9a013e0d5d0af18b
08afafeb2bd46a161659bbd21f18fc83ed84b3f5209c96da75fca2fc7a51cac8

HTTP Headers

GET /frame/cookieStorage.html?build=prod&pscb= HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=365000000, immutable
vary: Accept-Encoding
last-modified: Thu, 14 Apr 2022 20:20:56 GMT
cf-cache-status: HIT
age: 10766
server: cloudflare
cf-ray: 7d34d0baf96f0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/3772.bundle.3fa2a6d.js

172.64.151.222

200 OK

480 B

URL GET HTTP/2
wsv3cdn.audioeye.com/v2/build/3772.bundle.3fa2a6d.js
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (522), with no line terminators
Size
480 B (480 bytes)
Hash
77d77972457cc321dcffb36a7a825c19
86e192fce522b43b843bc8d2a471b8fd033616a5
758b9b328bf659b388a4acc07bb017434b86b0c1c40c78cc9de27762187b060a

HTTP Headers

GET /v2/build/3772.bundle.3fa2a6d.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:29 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 17:20:28 GMT
etag: W/"6476305c-1e0"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2985
expires: Thu, 06 Jun 2024 00:35:29 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0bd2a1f0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/bootstrap.js?d=online.adp.com

172.64.151.222

200 OK

45 kB

URL GET HTTP/2
wsv3cdn.audioeye.com/bootstrap.js?d=online.adp.com
IP
172.64.151.222:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEE:8B:07:1F:A3:E3:C1:17:AC:CF:C5:DE:FD:E0:83:D9:2E:B0:89:8A
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
45 kB (44785 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bootstrap.js?d=online.adp.com HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adpusa.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:35:28 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"4160b77776bfd0c912b71ebfece30be7"
cache-control: max-age=120
cache-tags: online.adp.com
surrogate-keys: online.adp.com
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34d0b53fad0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2

storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js

54.230.111.114

200 OK

12 kB

URL GET HTTP/2
storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.2M.js
IP
54.230.111.114:443
ASN
#16509 AMAZON-02

Requested by
https://adpusa.zyns.com/ADP/
Certificate
IssuerDigiCert Inc
Subject*.glancecdn.net
Fingerprint39:C5:84:26:01:E7:91:9A:1D:F8:E5:9E:8F:94:90:38:81:CA:B4:32
ValidityThu, 25 May 2023 00:00:00 GMT - Thu, 13 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (930)
Size
12 kB (11832 bytes)
Hash
cae412f433319b367d836e9d18942301
3d37b9db080ffe39c5467cf3542158bedcf7a196
c419b9c22cfa6d7f0b5afcecd7f1c6c6506d4371d6a78de03a1d6ffb86df7b65

HTTP Headers

GET /cobrowse/js/GlanceCobrowseLoader_5.8.2M.js HTTP/1.1
Host: storage.glancecdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adpusa.zyns.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 26 Jan 2023 09:51:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: COMPLETED
last-modified: Thu, 10 Nov 2022 17:11:08 GMT
etag: W/"cae412f433319b367d836e9d18942301"
cache-control: public, max-age=31556926
x-amz-version-id: B45UBg74pvAM1foKHXz9OuqrFmgTdOw0
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UqkHpC-egs82bhbajTtq8nL55RnGOABu3hYLO7X0QiYUoveEaYumJA==
age: 11371417
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (54)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML