Submitted URL: https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ==
Effective URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=e...
Submission: On September 22 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 108 HTTP transactions. The main IP is 52.0.214.116, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.hrandpayroll.com.
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.
This is the only time www.hrandpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.75.51 13335 (CLOUDFLAR...)
9 52.0.214.116 14618 (AMAZON-AES)
45 143.204.101.179 16509 (AMAZON-02)
1 151.101.2.110 54113 (FASTLY)
3 143.204.98.61 16509 (AMAZON-02)
4 142.250.186.74 15169 (GOOGLE)
27 104.22.24.131 13335 (CLOUDFLAR...)
4 142.250.186.78 15169 (GOOGLE)
2 151.101.64.176 54113 (FASTLY)
5 142.250.185.195 15169 (GOOGLE)
1 54.186.23.98 16509 (AMAZON-02)
1 54.186.42.192 16509 (AMAZON-02)
2 172.67.38.66 13335 (CLOUDFLAR...)
2 13.32.121.85 16509 (AMAZON-02)
1 74.125.71.155 15169 (GOOGLE)
1 151.101.193.229 54113 (FASTLY)
108 15
Domain Requested by
45 d36ai2hkxl16us.cloudfront.net www.hrandpayroll.com
d36ai2hkxl16us.cloudfront.net
22 embed.tawk.to www.hrandpayroll.com
embed.tawk.to
9 www.hrandpayroll.com www.hrandpayroll.com
d36ai2hkxl16us.cloudfront.net
5 fonts.gstatic.com fonts.googleapis.com
4 vsb100.tawk.to embed.tawk.to
4 www.google-analytics.com www.hrandpayroll.com
www.google-analytics.com
4 fonts.googleapis.com www.hrandpayroll.com
embed.tawk.to
3 va.tawk.to embed.tawk.to
3 js.stripe.com www.hrandpayroll.com
js.stripe.com
2 f7imwt1lmg.execute-api.us-east-1.amazonaws.com d36ai2hkxl16us.cloudfront.net
2 m.stripe.network js.stripe.com
m.stripe.network
1 cdn.jsdelivr.net embed.tawk.to
1 stats.g.doubleclick.net www.google-analytics.com
1 m.stripe.com m.stripe.network
1 q.stripe.com www.hrandpayroll.com
1 fast.wistia.com www.hrandpayroll.com
1 dt.hrandpayrollmailer.com 1 redirects
108 17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
www.thoughtindustries.com
Subject Issuer Validity Valid
www.hrandpayroll.com
R3
2021-09-05 -
2021-12-04
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2021-07-09 -
2021-11-03
4 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-30 -
2021-11-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-28 -
2022-06-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA
2021-09-08 -
2022-09-07
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-13 -
2021-11-03
4 months crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon
2020-10-27 -
2021-11-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh

This page contains 7 frames:

Primary Page: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Frame ID: 5150498CD71278F91A0A6FAF4C2448CE
Requests: 91 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: F456DD2D61276BFFC47C5191820025DF
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 98B4E4CD924C5F35E220116AF0A59316
Requests: 4 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Frame ID: 2F6810E281F0D50AA9561B0882FE5D1B
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Frame ID: 82472133BF7D163D61CFE2A495032539
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Frame ID: 25933E55F9552064EE6843AFB0B3432C
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Frame ID: FBA61E4381B85B4B7658B06CF49DCCD8
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2Mz... HTTP 302
    https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

108
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

2261 kB
Transfer

8152 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ== HTTP 302
    https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
www.hrandpayroll.com/courses/
Redirect Chain
  • https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ==
  • https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
57 KB
15 KB
Document
General
Full URL
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
2605cd2f9a2e600ef8dd70a820c53784c920511b26189275b4efd4d57ed2bb67
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.hrandpayroll.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Vary
Accept-Encoding
x-ua-compatible
IE=Edge,chrome=1
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=604800
X-Frame-Options
SAMEORIGIN
nonce
a1ycl8ofti6fom3gey5aeu6y
Set-Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; path=/; secure; httponly csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; path=/; secure; httponly visitId=0.3640069211761843; path=/; expires=Wed, 22 Sep 2021 16:52:44 GMT koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; path=/; secure; httponly koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; path=/; secure; httponly
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Content-Type
text/html; charset=utf-8
Content-Encoding
br
Date
Wed, 22 Sep 2021 16:22:45 GMT
Transfer-Encoding
chunked

Redirect headers

date
Wed, 22 Sep 2021 16:22:44 GMT
content-type
text/html; charset=UTF-8
location
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
x-server
anime1
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc1y7WfJMj1BDm1KGf0w%2BMRx1U7DkcV8BrZkfPTV0hvNhVRTQkh2KJw7oiikPDCzpJi0Sgh6jKk22r68WnO%2BGUU1UHhdBYkj7QXGZRfXuUco63bbT2PbGyOua33hIyosGJmaoVkx8HqFP01n"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
692cdfae9cfa277c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6800-6bd77394ae4e2b569b73.css
d36ai2hkxl16us.cloudfront.net/v3/dist/
695 KB
113 KB
Stylesheet
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00b6b79bf0bd879c4c226f64ad36e7363b228efcac141b613ade128c7fd71afc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:05 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 17:25:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:0e6a6549aef0c3d03cc9d2f7c681e689
age
76121
etag
W/"0e6a6549aef0c3d03cc9d2f7c681e689"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pkpRFai-kQmpYx2cVPsRgaoyoUPlMk4MeCTwBBJeXHVna-WkAXj97Q==
1412-de18e4ae8d25b9d0d15c.css
d36ai2hkxl16us.cloudfront.net/v3/dist/
7 KB
2 KB
Stylesheet
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-de18e4ae8d25b9d0d15c.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49602d801eaa91a5bd55a764c0692f97ce4273f71bc552a2ac4952e5b8628df5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:05 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 00:42:03 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:02af5af5f8a1a4108e2fe1e86ff0a5e8
age
76121
etag
W/"02af5af5f8a1a4108e2fe1e86ff0a5e8"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1vmqnsYIzyGy38zO44f0FUV-5TZQ3ToQVuLZTujg0toq7dNx2kpKdQ==
7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
www.hrandpayroll.com/appearance/company/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
a3ddad0d85359172655db65676f5881f77cea8a0b7fe236d6cf2ab3c5d8bc4de
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
br
X-Content-Type-Options
nosniff
nonce
dpp9hgkx18i5ga2bjxh8j3d4
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
vendor.gulp.bundle.84a1729d.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
1 MB
290 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e64ab45cb57337d36b6ad4fc7fc3e64befdfa65474f043193c05aa8d26de53a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 14:22:58 GMT
content-encoding
gzip
last-modified
Fri, 03 Sep 2021 13:53:05 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:84a1729dd4d80f97f94f1d79a31c4e2d
age
1130388
etag
W/"84a1729dd4d80f97f94f1d79a31c4e2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fJwBF0g_P0Yj92z8djxJbCfflItuphTZSptjcrGTXhR5eIXp5oLrBg==
E-v1.js
fast.wistia.com/assets/external/
611 KB
116 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a4b43fb07ad99458a8b4ae92ad50181ae3dab6be26dfcc32a91b7d1a821c364
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:45 GMT
content-encoding
br
vary
Accept-Encoding
age
1146
x-cache
HIT, HIT
content-length
117866
x-served-by
cache-dca17735-DCA, cache-hhn4020-HHN
access-control-allow-origin
*
x-browser-version
93
last-modified
Wed, 22 Sep 2021 13:48:34 GMT
x-timer
S1632327765.330649,VS0,VE0
etag
"614b3432-1cc6a"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 248
/
js.stripe.com/v3/
252 KB
67 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4092796ebf4b0ae48fca6e95f64ba8514ee39e12f39a320b8681a12847816515
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:13 GMT
content-encoding
gzip
vary
Accept-Encoding
age
33
x-cache
Hit from cloudfront
x-edge-origin-shield-skipped
0
x-amz-request-id
60NW2912AWDWBFZG
x-amz-id-2
iT58S83UUS/5nZ8FTEAkKlASmgL8islUtCCvKLU6nID/+8ii1I+FkP8dkcWZYC1PAAyGLpzrX10=
access-control-allow-origin
*
last-modified
Tue, 21 Sep 2021 01:11:52 GMT
server
AmazonS3
etag
W/"a1463552944321c59222c0605b762be4"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
fgZOfFj1lI2yfEYKw95Hf5tk2cxrfMs-5RtVMuLQeAsC4WSj3S5xSA==
4919-907d4b879c412cdccc70.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
324 KB
97 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ad73f4f1106c621eb1be25a212eeea22579eb174029a121ec3fdfda5873f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:54 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:31 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:42b17bbf825793f234f1077ea642b36b
age
676792
etag
W/"42b17bbf825793f234f1077ea642b36b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
L6OLBR_VCkCND_FBZbFB1LKo5RJ-JxcS180gVxBWoJVOELizaIcexQ==
1412-df73cdfcd48d6b9e8bd4.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
102 B
514 B
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-df73cdfcd48d6b9e8bd4.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b24b5d0312cc95f04b1c6175d126943adc16bfee3584ea11026193a7504e713

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 01:03:53 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 17:52:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:dbf1d68f372ebb4fcf7a4e14e55ac43a
age
1696733
etag
"dbf1d68f372ebb4fcf7a4e14e55ac43a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
102
x-amz-cf-id
PeP0f0qXZOVHHz9rWYz80W-G-q0ohmSgch0pjhK2ANeGG5nti5MS4Q==
6800-c947e003a81a9d0e26b5.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
343 KB
63 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-c947e003a81a9d0e26b5.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a09b7737e114a5740774de96a70f61bb6f0aae19a4c6acc6d48eb2d3cb49be0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:05 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 17:24:52 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7256ec9d8b38875342762ae26c15f880
age
76121
etag
W/"7256ec9d8b38875342762ae26c15f880"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JUhHtJLas2R3zRR8j1Ros92THIPIHJ3s6_1wu7ZOwjdJ7TtNjEOa4A==
app-0898d772eb6c220f0b9e.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
7 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e09e76c14416d37e302120a42869bef9b0ee6c557ce18eda975b5a87c064d92f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:05 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 17:24:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:d0081ef1e1fb8eadc96309d664937f35
age
76121
etag
W/"d0081ef1e1fb8eadc96309d664937f35"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
k-g8odqglaceNrTHO_9jK8t1sLttPsqWlL2ajVwspqeWXI2iolpARg==
css?family=Bitter:300,400,700%7CSintony:300,400,700%7CNunito:300,400,600,700
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
9bc0b9035c5c54e7642595bc171370eb508daba1a17d6687c1d377d08365d1f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:22:45 GMT
server
ESF
date
Wed, 22 Sep 2021 16:22:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 16:22:45 GMT
default
embed.tawk.to/5fb53e6c920fc91564c83a75/
2 KB
976 B
Script
General
Full URL
https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2052884ce03ed89bf478e38959c580cb62df214f0d72d2ab31ac73a539f4bd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
6158
etag
W/"stable-v4-61483167bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
692cdfb5cbc05c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5445
date
Wed, 22 Sep 2021 14:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 16:52:00 GMT
zazd71fdlwwp9ucucoac.jpg
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/
43 KB
44 KB
Image
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/zazd71fdlwwp9ucucoac.jpg
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:01:44 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6542461
x-cache
Hit from cloudfront
server-timing
fastly;dur=1;cpu=0;start=2021-07-08T23:01:44.182Z;desc=hit,rtt;dur=1
content-length
44049
last-modified
Mon, 10 Jul 2017 15:43:33 GMT
server
Cloudinary
etag
"2777382f5229810b5d5f660b94b47485"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
KGfn0v1e3q2a19Ul3pemlCmwvxrKVAA2UWgUDH7zsGvS-v-2M6Cq7g==
5815-e5f006ab9975c35bd03f.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
19 KB
5 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/5815-e5f006ab9975c35bd03f.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaef57ceaab0c64acc7943629daba6c4c834138eb68c32db7a9057d8486c8c78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:32 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:412e30bf6829d5da1b8c1a2e1fbcfbba
age
676791
etag
W/"412e30bf6829d5da1b8c1a2e1fbcfbba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
d5M_hRVIoRNC1vdPyeadznsAzDnSYLX-_qC1V_ALo4vzBNamD7u49A==
1372-6be809301b66d5cc7962.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
19 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1372-6be809301b66d5cc7962.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d74cfa4e47740ff8cd9fde4fada3fa2d0f33478e868dfd892126e9388e251c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 23:40:14 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 16:23:47 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e8768a836f85cb88df155374dbcb4736
age
1442552
etag
W/"e8768a836f85cb88df155374dbcb4736"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3lpkv3_OAU5AROChKv2mSHGbmhqQbtam-r85MUGZrsiGK_5g5ssz7g==
1193-92dd5b31a65c4ae62e6c.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
21 KB
6 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1193-92dd5b31a65c4ae62e6c.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d83cefacfe1d2b02bf70c28982b9d8cfd5228d5c1c010f97e45a5bc7b98917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 14:13:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 16:23:47 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:3ccfe634bd2cdf77f51d1fc3cba8e852
age
612569
etag
W/"3ccfe634bd2cdf77f51d1fc3cba8e852"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PCqTSMB8xE0kw27eLbbv_PNaL3BEKeN7Bp1sBXk3IEUrPobIAgN2rg==
8320-91e9c60f3a3282091980.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
32 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8320-91e9c60f3a3282091980.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
791e85b8b8506f5e83cefaec053174a1103b5eae9106a9cea441e0466d5e82fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 14:08:49 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:d71c37e915ebbe0be075c3861e34c2e2
age
676791
etag
W/"d71c37e915ebbe0be075c3861e34c2e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
67T3Iri1ZFztWkd3nvTZxRhWdoQR6wza2w4O7OTb9PZQNbLuwBWb6g==
8893-24ff7da0f11c7de956af.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
15 KB
3 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8893-24ff7da0f11c7de956af.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00a07b864adc8bac32ca067ecf7bae1faacb48b2c583006f65dea8485be64277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 00:59:59 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 16:24:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:b11d32bb8cf7ea667173f5aa2a1aaa41
age
3338567
etag
W/"b11d32bb8cf7ea667173f5aa2a1aaa41"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ebj5CqufNzAxNVBQNMW61TJ0qfb9WBpeYVIviiwmWhGI5H8LW0N8rA==
7764-b0329baa5e6c7ed18651.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
13 KB
3 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/7764-b0329baa5e6c7ed18651.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36049c48883873de2904d5dab1e586964c0a9fc57035604537861b09db20d9e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:36 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e8cf23559936472809cffbce482762fa
age
676791
etag
W/"e8cf23559936472809cffbce482762fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Pfcjcp9BOQ2cPtibNYOuMxSFGXIrQm7ggG-Oekp_EHzvtpfvvVuqAw==
8282-c407a156755878fb4d20.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
76 KB
11 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8282-c407a156755878fb4d20.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f54030f20de234824d8dace638f601ec2ed7d6f63205087a65fa377b781e86d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 17:16:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:cf8dfc7824475feb3a32fb7bdd1a94b3
age
676791
etag
W/"cf8dfc7824475feb3a32fb7bdd1a94b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aHpn78u8kNFP8E1EhWsUnsNBfjWeyZHTFkmrDf0vfSxnJ3TBv7rIKA==
4017-a68ebb49eb9c05d6d74e.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
14 KB
3 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4017-a68ebb49eb9c05d6d74e.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dc572dd267f2996fe337488999895f2cf1f1b80e2f4c8abb5e6c217c42beefc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 14:13:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 16:23:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:36d1f35de519aaa680c4407ef58efd7e
age
612569
etag
W/"36d1f35de519aaa680c4407ef58efd7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZLD3oCdw-s0oPpwwAZnvY7IeXme8TakAYigQNWPs8at3jmjs3dpRmQ==
2438-f24e15a145873b0929a8.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
17 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2438-f24e15a145873b0929a8.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90d2b0510233cff4541c6014a2a1fc529deda36e8d769c79c8ce523ccd1efec8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 17:24:52 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:0e9315b3ca2219367ed60d4fbea1c9f9
age
76120
etag
W/"0e9315b3ca2219367ed60d4fbea1c9f9"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
v25P4TgJTMC9B2m5AX_DQXdMHxJ-xa94zcZiwttTn2YwaSKUcwJvSw==
9504-1bc2e371749316d1a0c2.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
20 KB
5 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/9504-1bc2e371749316d1a0c2.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4371defbb2c4b1d2cc0998da9ed03dbabbbc7c7e8d84f219c2cbbb424225cfbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 21:26:06 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6a86b71c5e74dbe2fcd671fba17a8e65
age
676791
etag
W/"6a86b71c5e74dbe2fcd671fba17a8e65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
urCW_cJIsbvgLcYxbQXVeJyhcRyXVQrSejotlLuloMY04CnCkTHOdQ==
1561-8f75f5b06fc4e08f730c.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
21 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1561-8f75f5b06fc4e08f730c.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
858063f0b98aa6a926881c9e905161e3df72eec1e1bce66d40979c134c29e3f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:b492506ed2c074a8660cbba9e74a239d
age
676791
etag
W/"b492506ed2c074a8660cbba9e74a239d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8uxhhMi7ex-J8qyNMc0O_yAo4q-VzRYH4vXEZ3fr1rfq_89osw8hxQ==
3889-5022b6d34c20d09e1c4a.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
144 KB
17 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/3889-5022b6d34c20d09e1c4a.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76d79a986d18a06ac041c58c147e30a1c93f715949b1add86d960f00905f906e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:35484cadd62ffbba1cdffb2a56aafaf7
age
676791
etag
W/"35484cadd62ffbba1cdffb2a56aafaf7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
oEJOQiIV2fgJUU0pJofNvbFDYLiiHhWt8WxeGYVA4kzZDmwMgABhEA==
748-6b6e7ce2a2b867c97b24.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
84 KB
12 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/748-6b6e7ce2a2b867c97b24.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2e7eadb13210c8ea76cd5ddc0729e4e494e1daf5b3af7e5ee34ca88a9204ecf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:35 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:becc0f8aa712cd71131b3788f04e64a4
age
676791
etag
W/"becc0f8aa712cd71131b3788f04e64a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
usmjn5ewjgytFk3zkPeO9PdbGV52l2vHksiUyTH6LTsDZZipgEyBow==
1798-8b22f6e976d56d3b4504.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
32 KB
6 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1798-8b22f6e976d56d3b4504.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
045017c703164390ff405c941f7e2797bdb9a53b2c2ddabee90f0b142d66620f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:06 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 15:22:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:785c8dac741f316255ac462e5f4c6a20
age
76120
etag
W/"785c8dac741f316255ac462e5f4c6a20"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_Y96HKVjbzDkF9mvx_Lyx-NPugf3C7hKMPBmYE0NaCBP2KjBkHmXRA==
8799-f350686be6eaf633f6f8.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
21 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8799-f350686be6eaf633f6f8.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6a1cf85600d92fbbf309d9d0011c2fb4349bb176013a13819c51ff50ea8b90d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6d5b0a9365e5bab78855aef6309d1773
age
676791
etag
W/"6d5b0a9365e5bab78855aef6309d1773"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BVMwYFS30yE-F6ChdiStLeDnilVLMIseNBfyuq7QqgHQYQYParxTTg==
4747-2aed91aabfc0dec2b02d.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
22 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4747-2aed91aabfc0dec2b02d.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
149c88660e089fdfddc792b85b71763eb12838d0ed3635fb82ea46cd65bbb80a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 23:21:16 GMT
content-encoding
gzip
last-modified
Thu, 05 Aug 2021 14:44:22 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:37baeaeefab765d3a9e2f2d6fb56c13e
age
838890
etag
W/"37baeaeefab765d3a9e2f2d6fb56c13e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZOIEqf71Y53VPBNyX-K33kr0Q85JIaT7wjuiRHc8v7qQnvAlnQN-dQ==
7750-6a182d1df8b8d8ec30e1.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
79 KB
14 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/7750-6a182d1df8b8d8ec30e1.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32de0a2874e50bcfbdce01d8fede1aa8538233a7744d3e49f81911c55377c6e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:35 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:816eb473a47bf026ea2ec54622621a14
age
676791
etag
W/"816eb473a47bf026ea2ec54622621a14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
G6PpFD9onWzhV0b232A9EXKrelqfjjvkYBJfDCiQ3u3Cr2N0_F4Y_Q==
6896-cd3c0fcfd906e03fe77a.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
52 KB
8 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6896-cd3c0fcfd906e03fe77a.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5573e3723d3818affbae59da403df9159cb760557fe3f728f9a22d6a42d63fd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:dddca4c3f782f7196066a6110c0b0172
age
676791
etag
W/"dddca4c3f782f7196066a6110c0b0172"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Krs8LeljVHigJSJM87_862Jz8K4GH6h2jE4O3Tbh6ZoXoKl_nny5NA==
2647-599e9cf118e303c0dd3a.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
28 KB
6 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2647-599e9cf118e303c0dd3a.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b803e76d8f10df36e733d13a90574a2b122955b080dea2af63df56478ab57c33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:27 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:bd11c5e133286941453c0c27c12ac830
age
676791
etag
W/"bd11c5e133286941453c0c27c12ac830"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3eFVaOxmvvD-CgwqaQ4HujEOPNfHI4qJcVghBYHVYVZQq10IymalSg==
655-b674d6e0488ce7086548.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
15 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/655-b674d6e0488ce7086548.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95bc885b240826113afec5f417f8976dbc42ecb2373ce9788868a5419df91b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:33 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:2022ba1e2610a5303bf548f036d34360
age
676791
etag
W/"2022ba1e2610a5303bf548f036d34360"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BQPWDXJ_zYHT5X60XIs8Pf439rwZaMEUkgmZRPaS2sMR6cduGmfhtQ==
4097-41fd3041ad188cd204fc.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
80 KB
11 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4097-41fd3041ad188cd204fc.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab1c42d4644a5a4fad242c723d105dab1587f7481a075ebf58a30684afa1e830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:29 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:84e9d4ce10234876c9c6238247884158
age
676791
etag
W/"84e9d4ce10234876c9c6238247884158"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
A6bw8KghYIDWoiWJG5Omo-CDGCbRKczcqFyZzUJ6ep9mogWWmcCK2w==
3423-c0fb675b99e97a8cea7d.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
24 KB
5 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/3423-c0fb675b99e97a8cea7d.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34942cb04a732f9c361a51d1a0c5c767c9ac7e02d2335a710ab2c90b4fadc6bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7227617f4d14d26b046c28f291e61002
age
676791
etag
W/"7227617f4d14d26b046c28f291e61002"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9iEC7TA3VMSH51sBzAJH292TKKCNVJYuB7ky_Dn2xb66deoU0QfluA==
6046-62f02ff80a06d47f2c58.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
24 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6046-62f02ff80a06d47f2c58.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305efbdc95fd674370c2caa2b2d14428dbca655a764c2e87423defb5a92e8f0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:06 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 15:33:13 GMT
server
AmazonS3
age
76120
etag
W/"4b9c9cd4704d9ad8fc91ed230fc2953e"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
epaKaxStJptV_mWKmrnJtTWhJIlydC6QOv6RQSxLzFPd_eSa2JlnTg==
3622-eb9d4a13705299ea93c0.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
21 KB
5 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/3622-eb9d4a13705299ea93c0.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4ad0c234031b965ad9a54fd4254392c6aadf7c4a7d8fc6039ff8da538d1f5a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:b2e4c6c7c964761cae57098ee70641ff
age
676791
etag
W/"b2e4c6c7c964761cae57098ee70641ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cuJJv1FeteRbDaR3owFOfzZWv2_w5PbhYu2xJyyGWrQkS9l8BobwsQ==
3464-f61abc36aa4d8f5627b3.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
19 KB
4 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/3464-f61abc36aa4d8f5627b3.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6109c96d40793c803c9c7d62245516e0540916416aeb7a28a7a281cfa9782c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:20:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 16:23:54 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:c7fde918de895f9cc71ab30f14972ee1
age
4312953
etag
W/"c7fde918de895f9cc71ab30f14972ee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GT9YBu8m9pBhxDWu2c8ufQ_AMTTU2UFt9Ju8kYUY34S2GR2QWJhg4Q==
7970-7a31bbf02157952b54a1.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
18 KB
5 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/7970-7a31bbf02157952b54a1.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca4b8ac1dd404575bb669c07a653c378aeb907651b7369440f1e70bf86b0db2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:36 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f53e8b08478c380ea4cdc6b402eca222
age
676791
etag
W/"f53e8b08478c380ea4cdc6b402eca222"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
t21hRuKVgs9ty6dd7Z6pNQ66NBUB3ioB2c_-1wO3hKtw-4PnKNRgcg==
1988-2db68516f8b37cc6db76.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
1 MB
162 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/1988-2db68516f8b37cc6db76.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb481741fcc0a89db407810577d0bbe5560c547a7353efce1b191aa3657dabf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 17:24:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:41c901635d6a8560b01cb859d4bef799
age
76120
etag
W/"41c901635d6a8560b01cb859d4bef799"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
DyjnAR4iZERNcuP5QYBQy9wABl1vggNF05e7EWy73PEhxEA3HTOLZA==
2345-152f6a9cdafa93a1c8d0.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
12 KB
3 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/2345-152f6a9cdafa93a1c8d0.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcb82635faab53e8f4da8621aab0ab40d3e5c08e45c86348d319f35262f3320b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:0354cfc886696d2a366101c6310566e5
age
676791
etag
W/"0354cfc886696d2a366101c6310566e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
z0q8EkBGLU_niIs1Yg1JG8w3OO7pE4c7wyCupKn5jNoMGslxdYuMjA==
9564-b6a15b380d20766bd404.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
46 KB
8 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/9564-b6a15b380d20766bd404.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98b158ad5698e0a0905ab6399f960451f8254420301b1fffae143f58cd42b51f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:56 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:50d509b4f236577e953fa3e9f7d12b2a
age
676790
etag
W/"50d509b4f236577e953fa3e9f7d12b2a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OijnhY1VSHYdPNHWn-DpbyhkbyVde4XM3Iol6O_7ThqjBAd2QndUfA==
8413-ae660815c2d7c6d39f8a.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
43 KB
7 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8413-ae660815c2d7c6d39f8a.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
128ec282be568988b2c99db759825d407ab4823bea477a3c6be3c0c00612c802

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:22:56 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:36 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:fcead44464b6b4d1664baafbc231fd76
age
676790
etag
W/"fcead44464b6b4d1664baafbc231fd76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qozI_KfqEO8V7gOfKbjOPEet3_WxgQ4aKoa6iy8dtiaEtV1i9uY08A==
4935-584a0e506ef6dfc31975.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
61 KB
10 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/4935-584a0e506ef6dfc31975.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc1b40576d26bec5320424aa50da1f6a95c0aa588542ee26a6dea9169902498b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:23:04 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 19:21:31 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:17fac24dd859d3d81920abeecd75a67a
age
676782
etag
W/"17fac24dd859d3d81920abeecd75a67a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hMuQKFD6EHB7LupoX-YLy1ByfE3GzjlLEkfp7bohMQxNZQvoc-SAFA==
m-outer-9475bd26486e6119b23924eebd3d561a.html
js.stripe.com/v3/ Frame F456
215 B
969 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hrandpayroll.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
7BLLiJ1gHrxR5/kRpUgXri9j/MhI5X+SwKW9nYdJNFbRc12NHz/0pctqArC7jxIBe7xoJno4r6Y=
x-amz-request-id
CJDF9R78BB42M5ES
last-modified
Wed, 01 Sep 2021 21:34:43 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
x-edge-origin-shield-skipped
0
date
Wed, 22 Sep 2021 16:22:10 GMT
cache-control
max-age=60
etag
"9475bd26486e6119b23924eebd3d561a"
x-cache
Hit from cloudfront
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
95G2fEQdVn5j2xq18xy9E4LdnwmKTMrVO9tad_I3Cmqe-8590OGU1Q==
age
35
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Sep 2021 17:16:13 GMT
m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
js.stripe.com/v3/fingerprinted/js/ Frame F456
1 KB
2 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"01f873d478053c6a0368329ea08f7a10"
age
32
x-cache
Hit from cloudfront
x-edge-origin-shield-skipped
0
x-amz-request-id
YGTEE86DW9FT29Q3
x-amz-id-2
+JLOt/VPb6id54QNpxQYIxR0G27wKadkHiY0/nuXO+KOe1wJ3nU20+o436UY2S++CYuv+2ycA0c=
access-control-allow-origin
*
last-modified
Wed, 01 Sep 2021 21:34:46 GMT
server
AmazonS3
date
Wed, 22 Sep 2021 16:22:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
B-tqnPKHkpJxo0XtP1vadDfszDJp7wsOlUsrSUuVNcVSmUJWBNzd7Q==
cart
www.hrandpayroll.com/orders/
37 B
493 B
XHR
General
Full URL
https://www.hrandpayroll.com/orders/cart
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
nonce
a1ycl8ofti6fom3gey5aeu6y
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection
keep-alive
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
a1ycl8ofti6fom3gey5aeu6y
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
Date
Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Vary
Accept-Encoding
Content-Length
37
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
7f70b6a0-3ce8-4775-bc3e-c5befada0e1b
www.hrandpayroll.com/learn/appearanceBlocks/
741 B
1 KB
XHR
General
Full URL
https://www.hrandpayroll.com/learn/appearanceBlocks/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
8fce468a96af3813141e60e330274e58d8a8b7fae01f24aef07e162fc3873de4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
nonce
a1ycl8ofti6fom3gey5aeu6y
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection
keep-alive
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
a1ycl8ofti6fom3gey5aeu6y
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
nonce
ohr3z3pfpe95m149zzk6y7g1
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Content-Length
741
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
a61ba6d5-8e84-458c-99d4-390ccdc78b46
www.hrandpayroll.com/learn/micrositeFooterBlocks/
320 B
722 B
XHR
General
Full URL
https://www.hrandpayroll.com/learn/micrositeFooterBlocks/a61ba6d5-8e84-458c-99d4-390ccdc78b46
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
nonce
a1ycl8ofti6fom3gey5aeu6y
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection
keep-alive
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
a1ycl8ofti6fom3gey5aeu6y
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
nonce
1ac0uguefrhyr6z3zjhxd8xb
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Content-Length
320
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
288d778f-8c4f-42fe-8342-9ed9842f2da8?
www.hrandpayroll.com/learn/micrositeHeaderBlocks/
599 B
1001 B
XHR
General
Full URL
https://www.hrandpayroll.com/learn/micrositeHeaderBlocks/288d778f-8c4f-42fe-8342-9ed9842f2da8?
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
1823032a9fe743626313a25beaaa1e473778dcb343043736eee4350b3aabfda4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
nonce
a1ycl8ofti6fom3gey5aeu6y
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection
keep-alive
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
*/*
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
a1ycl8ofti6fom3gey5aeu6y
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
nonce
9peqkp46g4i2snw64tg221xn
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Content-Length
599
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
inner.html
m.stripe.network/ Frame 98B4
932 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
max-age=300, public
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
Fastly
accept-ranges
bytes
date
Wed, 22 Sep 2021 16:22:45 GMT
via
1.1 varnish
age
62
x-served-by
cache-fra19168-FRA
x-cache
HIT
x-cache-hits
55
x-timer
S1632327766.887133,VS0,VE0
vary
Accept-Encoding, Origin
content-length
932
rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:48:25 GMT
x-content-type-options
nosniff
age
254060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30792
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 23:04:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:48:25 GMT
csp-report
q.stripe.com/ Frame 98B4
96 B
260 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
584031dc928dc12e2556bfc8692ef390bb6d43c3eaa3527707ca8486f1fe48f0

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
x-envoy-upstream-service-time
0
x-stripe-response-code-rewrite
502
server
nginx
x-stripe-no-route
cdn-csp-report-srv.service.envoy
content-length
96
content-type
text/plain
out-4.5.40.js
m.stripe.network/ Frame 98B4
85 KB
85 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.40.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
server
Fastly
age
3
date
Wed, 22 Sep 2021 16:22:45 GMT
x-served-by
cache-fra19168-FRA
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
application/javascript
cache-control
max-age=300, public
accept-ranges
bytes
x-timer
S1632327766.901051,VS0,VE0
content-length
87228
x-cache-hits
2
twk-main.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
121 B
507 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151828
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a26699b-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151828
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a31699b-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
191 KB
57 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee71aa15bd6f5e9f650cb2fd28073635fe050d7e71b61a7dae31094f5466236
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151829
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"f5397b5e368531031773bbfe6ac26ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a20699b-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
136 KB
34 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509e2fdc820147df1cdc5f27fca75ad561761f95af1b68faab42160013f8f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151828
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"9bc7c334899155070faef320af658bae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a1f699b-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631105904eaf607e58b401a5bb1b8cf111d9c22e0576a6571cb39077aaac3211
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151829
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"c9988f3f6096def2f280e804e16e18fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a28699b-FRA
twk-app.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
151 B
495 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151829
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfb98a1a699b-FRA
6
m.stripe.com/ Frame 98B4
156 B
517 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-42-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9c6629528a3fe2e5226157b8650be9f9cbe5a47331854f9a1963b8fc865a0f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 16:22:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
register
va.tawk.to/
1 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b2b45d45011a0d727a9a44bde08ed051561eb0f100f1c3991117f16df27f52
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-3sxk
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.hrandpayroll.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
692cdfba5dc9323c-FRA
access-control-allow-headers
content-type,x-tawk-token
widget-settings?propertyId=5fb53e6c920fc91564c83a75&widgetId=default&sv=undefined
va.tawk.to/v1/
2 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5fb53e6c920fc91564c83a75&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e443ba2a4d5822b7d8ff47e94a53966d25055e9cc22fc952f8aea2512d3de7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-lh56
server
cloudflare
etag
W/"2-8-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
692cdfba3edd5c74-FRA
access-control-allow-headers
content-type,x-tawk-token
8243-4649b242c2369269c87f.bundle.js
d36ai2hkxl16us.cloudfront.net/v3/dist/
552 KB
130 KB
Script
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/v3/dist/8243-4649b242c2369269c87f.bundle.js
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3928531c34679a1d5bede57b36f81497b3f1769b3486fe81dfcaa7df8e1bd0fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:14:08 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 00:41:56 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:780338fec39ba0fbdab688e3426dcd60
age
76119
etag
W/"780338fec39ba0fbdab688e3426dcd60"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QtgoKFe1ACCaPqqlcaopStaqMg8phVQazfMEF-zU94kyCqp7W7EJtQ==
nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/
14 KB
14 KB
Image
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
b54afb8c17fa8cda50fe0ef2bc109178c905df1ed71d2836f5443ed4e86f466b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 07:58:17 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
203069
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server-timing
fastly;dur=1;cpu=0;start=2021-09-20T07:58:17.203Z;desc=hit,rtt;dur=3
content-length
13847
last-modified
Thu, 15 Oct 2020 16:10:45 GMT
server
Cloudinary
etag
"ca6beead094c4b62903dad92f4b3e2c9"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IrUw-BayQl59tYAWsAC2Jq4P0SYdCQEUA1Oz2IVG_6_XkRvVEZu_nA==
graphql
www.hrandpayroll.com/
17 KB
5 KB
Fetch
General
Full URL
https://www.hrandpayroll.com/graphql
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
be534bf7510c834e284b20351b1c1b7f39443c6a605381a640ce52e3cc4be58f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.hrandpayroll.com
nonce
9peqkp46g4i2snw64tg221xn
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=1632327766300
Connection
keep-alive
Content-Length
4813
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
*/*
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Content-Type
application/json
Accept
*/*
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
9peqkp46g4i2snw64tg221xn
authToken
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
br
X-Content-Type-Options
nosniff
nonce
br0hegeh0af970fynur2kak8
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
views
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/ Frame
0
0
Preflight
General
Full URL
https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Protocol
HTTP/1.1
Server
13.32.121.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-85.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authtoken,nonce
Origin
https://www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
application/json
Content-Length
0
Connection
keep-alive
Date
Wed, 22 Sep 2021 16:22:46 GMT
x-amzn-RequestId
38d667c7-3214-4d56-a630-84b727367af6
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
x-amz-apigw-id
GEq9mFPRIAMFobw=
Access-Control-Allow-Methods
POST,OPTIONS
X-Cache
Miss from cloudfront
Via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
tJ5XrfMz7YBa7558NFycwTSpGoE5ZHujLAe0ZcrU_plqH9Ba8Ccn0g==
views
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/
224 B
881 B
XHR
General
Full URL
https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-85.fra60.r.cloudfront.net
Software
/
Resource Hash
59466721c11d4594facf64ceb667280c9d509c47142166064be0c26c7627247b

Request headers

Accept
*/*
Referer
https://www.hrandpayroll.com/
nonce
9peqkp46g4i2snw64tg221xn
Accept-Language
de-DE,de;q=0.9
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Date
Wed, 22 Sep 2021 16:22:47 GMT
Via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
x-amzn-RequestId
b93e61ef-5472-4987-9bea-58bf72d0c476
X-Cache
Miss from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
X-Amzn-Trace-Id
Root=1-614b5857-6ca5e0fc722092ce72f72836;Sampled=0
Access-Control-Allow-Headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
Connection
keep-alive
x-amz-apigw-id
GEq9pF44oAMFqGg=
Content-Length
224
X-Amz-Cf-Id
4EwqNkTSzhF43SuePM8nGWQ_iasOjqX_cjYTvl30X_ptIznVr60-uw==
keep_alive
www.hrandpayroll.com/learn/
22 B
423 B
XHR
General
Full URL
https://www.hrandpayroll.com/learn/keep_alive
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
nonce
9peqkp46g4i2snw64tg221xn
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=0
Connection
keep-alive
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
*/*
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
9peqkp46g4i2snw64tg221xn
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
nonce
c7ndtu30fa7knyj0idkmx0xy
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Content-Length
22
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-186820055-1&cid=131228663.1632327766&jid=583902432&gjid=397230188&_gid=1792467144.1632327766&_u=KGBAgEIRAAAAAE~&z=1281485553
stats.g.doubleclick.net/j/
1 B
464 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-186820055-1&cid=131228663.1632327766&jid=583902432&gjid=397230188&_gid=1792467144.1632327766&_u=KGBAgEIRAAAAAE~&z=1281485553
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hrandpayroll.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 16:22:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.hrandpayroll.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect?v=1&_v=j93&a=70683090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%...
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=70683090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&dp=%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&ul=en-us&de=UTF-8&dt=%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIR~&jid=583902432&gjid=397230188&cid=131228663.1632327766&tid=UA-186820055-1&_gid=1792467144.1632327766&z=1881877954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 00:35:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56830
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ci71jblqc2ck-eretretrt.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/
391 KB
392 KB
Image
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ci71jblqc2ck-eretretrt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
a4f7169a3076525379e4922323f84098f2631967ecf2cec540b65c33980531e7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 13:12:18 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
11428
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server-timing
fastly;dur=222;cpu=0;start=2021-09-22T13:12:17.916Z;desc=miss,rtt;dur=0,cloudinary;dur=131;start=2021-09-22T13:12:17.960Z
content-length
400562
last-modified
Mon, 06 Sep 2021 11:36:09 GMT
server
Cloudinary
etag
"5b62f0f7954f60406ba4c453df9c5f1f"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
xb2YfERpaq72fzm7S538uEGEXd8F-n95MGhCgfvG-iXQ818icpINEA==
j34pc39jvqs4-ApprovedProvider_Seal4.jpg
d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/
9 KB
9 KB
Image
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/j34pc39jvqs4-ApprovedProvider_Seal4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70026d8402ecfe013750a85fa763334ad010576eb059de54e0701eda4b66340d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:57:36 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 11:25:40 GMT
server
AmazonS3
age
185111
etag
"25cde6b8d387381a757589b7547b8d48"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
8767
x-amz-cf-id
k7JS0A8LsLvJ4Mgtz71zDkNs7-Z5niy4d-7T4ZBIGHTuzhn6w7RJnw==
jfali3gakh5h-SHRMRecertificationProviderCP-SCPSeal2021.png
d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/
14 KB
14 KB
Image
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/jfali3gakh5h-SHRMRecertificationProviderCP-SCPSeal2021.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f1d6834ee682c971705a1a145151df34bd54fae7ccb836115cb1f7164b27d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:57:36 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 16:09:02 GMT
server
AmazonS3
age
185111
etag
"3101f04b676133d9bcdfab25d201c2db"
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
14112
x-amz-cf-id
C9EtRiZgL73BnRBTE5G0_TCoFMUzUOjLUL53XZWN5Kw3IS_B0Kdq5g==
XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
fonts.gstatic.com/s/sintony/v8/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sintony/v8/XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 05:02:39 GMT
x-content-type-options
nosniff
age
472807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8324
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:23:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 05:02:39 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:39:15 GMT
x-content-type-options
nosniff
age
600211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:39:15 GMT
XoHm2YDqR7-98cVUETMtug.woff2
fonts.gstatic.com/s/sintony/v8/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sintony/v8/XoHm2YDqR7-98cVUETMtug.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:46:55 GMT
x-content-type-options
nosniff
age
254151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8548
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:23:05 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:46:55 GMT
ti-icons-rev2.2.6.ttf
d36ai2hkxl16us.cloudfront.net/fonts/
65 KB
65 KB
Font
General
Full URL
https://d36ai2hkxl16us.cloudfront.net/fonts/ti-icons-rev2.2.6.ttf
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-179.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24

Request headers

Referer
https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Origin
https://www.hrandpayroll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 07:58:19 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
vary
Origin
age
203068
x-cache
Hit from cloudfront
content-length
66060
last-modified
Tue, 01 Dec 2020 00:22:43 GMT
server
AmazonS3
etag
"ce4a2dfa4b9fbe97aa8b16639b1c58e7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
x-amz-version-id
F4shChbtuwJP5Z37P_oK8MUpB6o8ptFI
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
M5vuij61RB-V40FiLGQUElBCJ94FBRWt1NIATDsWAooq_CvpCwJ2Bg==
collect?v=1&_v=j93&a=70683090&t=timing&_s=2&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26...
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=70683090&t=timing&_s=2&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&ul=en-us&de=UTF-8&dt=The%20In%E2%80%99s%20and%20Out%E2%80%99s%20of%20the%20Form%20I-9%20and%20E-Verify%3A%20Best%20Practices%20to%20Avoid%20Steep%20Penalties%20-%20HR%20and%20Payroll%20Academy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1801&pdt=100&dns=171&rrt=197&srt=252&tcp=320&dit=1340&clt=1340&_gst=1178&_gbt=1461&_u=KGBAgEIRAAAAAE~&jid=&gjid=&cid=131228663.1632327766&tid=UA-186820055-1&_gid=1792467144.1632327766&z=450354990
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 00:35:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56830
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
graphql
www.hrandpayroll.com/
130 B
526 B
Fetch
General
Full URL
https://www.hrandpayroll.com/graphql
Requested by
Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-214-116.compute-1.amazonaws.com
Software
/
Resource Hash
fbbcca06c7513f3b22bd31842d61cfebdc805a482d4719dfe6b45ee308350510
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.hrandpayroll.com
nonce
9peqkp46g4i2snw64tg221xn
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Accept-Encoding
gzip, deflate, br
Cookie
csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=0; _gat=1
Connection
keep-alive
Content-Length
462
Pragma
no-cache
Host
www.hrandpayroll.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept
*/*
Cache-Control
no-cache
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site
same-origin
Content-Type
application/json
Accept
*/*
Referer
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce
9peqkp46g4i2snw64tg221xn
authToken
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
nonce
vcj2y1gdhr9wvdx21q3btetw
csrfToken
dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date
Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Vary
Accept-Encoding
Content-Length
130
X-XSS-Protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
en.js
embed.tawk.to/_s/v4/app/61483167bf6/languages/
16 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4a4f6b701712b8f32107c462990f7a822fee1af946043c293b21294289bfe7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hrandpayroll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
206447
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"c3edce989b37d8be81c7d5c99d7eba08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
692cdfbe1edf42cf-FRA
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js