www.hrandpayroll.com Open in urlscan Pro
52.0.214.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ==
Effective URL:
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=e...
Submission: On September 22 via api (September 22nd 2021, 4:22:51 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 108 HTTP transactions. The main IP is 52.0.214.116, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.hrandpayroll.com.
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.

This is the only time www.hrandpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.75.51 104.21.75.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.0.214.116 52.0.214.116	14618 (AMAZON-AES) (AMAZON-AES)
45	143.204.101.179 143.204.101.179	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY)
3	143.204.98.61 143.204.98.61	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
27	104.22.24.131 104.22.24.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
5	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	54.186.42.192 54.186.42.192	16509 (AMAZON-02) (AMAZON-02)
2	172.67.38.66 172.67.38.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.85 13.32.121.85	16509 (AMAZON-02) (AMAZON-02)
1	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
108	15

1 104.21.75.51 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dt.hrandpayrollmailer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.0.214.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-214-116.compute-1.amazonaws.com

www.hrandpayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 143.204.101.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-179.fra50.r.cloudfront.net

d36ai2hkxl16us.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.110 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.22.24.131 (None, )

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb100.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.42.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-42-192.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.66 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb100.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-85.fra60.r.cloudfront.net

f7imwt1lmg.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	cloudfront.net d36ai2hkxl16us.cloudfront.net	2 MB
29	tawk.to embed.tawk.to va.tawk.to vsb100.tawk.to	208 KB
9	hrandpayroll.com www.hrandpayroll.com	25 KB
5	gstatic.com fonts.gstatic.com	89 KB
5	stripe.com js.stripe.com q.stripe.com m.stripe.com	70 KB
4	google-analytics.com www.google-analytics.com	21 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	amazonaws.com f7imwt1lmg.execute-api.us-east-1.amazonaws.com	881 B
2	stripe.network m.stripe.network	87 KB
1	jsdelivr.net cdn.jsdelivr.net	53 KB
1	doubleclick.net stats.g.doubleclick.net	464 B
1	wistia.com fast.wistia.com	116 KB
1	hrandpayrollmailer.com 1 redirects dt.hrandpayrollmailer.com	716 B
108	13

	Domain	Requested by
45	d36ai2hkxl16us.cloudfront.net	www.hrandpayroll.com d36ai2hkxl16us.cloudfront.net
22	embed.tawk.to	www.hrandpayroll.com embed.tawk.to
9	www.hrandpayroll.com	www.hrandpayroll.com d36ai2hkxl16us.cloudfront.net
5	fonts.gstatic.com	fonts.googleapis.com
4	vsb100.tawk.to	embed.tawk.to
4	www.google-analytics.com	www.hrandpayroll.com www.google-analytics.com
4	fonts.googleapis.com	www.hrandpayroll.com embed.tawk.to
3	va.tawk.to	embed.tawk.to
3	js.stripe.com	www.hrandpayroll.com js.stripe.com
2	f7imwt1lmg.execute-api.us-east-1.amazonaws.com	d36ai2hkxl16us.cloudfront.net
2	m.stripe.network	js.stripe.com m.stripe.network
1	cdn.jsdelivr.net	embed.tawk.to
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.stripe.com	m.stripe.network
1	q.stripe.com	www.hrandpayroll.com
1	fast.wistia.com	www.hrandpayroll.com
1	dt.hrandpayrollmailer.com	1 redirects
108	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
www.thoughtindustries.com

Subject Issuer	Validity	Valid
www.hrandpayroll.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Frame ID: 5150498CD71278F91A0A6FAF4C2448CE
Requests: 91 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: F456DD2D61276BFFC47C5191820025DF
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 98B4E4CD924C5F35E220116AF0A59316
Requests: 4 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Frame ID: 2F6810E281F0D50AA9561B0882FE5D1B
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Frame ID: 82472133BF7D163D61CFE2A495032539
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Frame ID: 25933E55F9552064EE6843AFB0B3432C
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Frame ID: FBA61E4381B85B4B7658B06CF49DCCD8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The In’s and Out’s of the Form I-9 and E-Verify: Best Practices to Avoid Steep Penalties - HR and Payroll Academy

Page URL History Show full URLs

https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2Mz... HTTP 302
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4... Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

108
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

2261 kB
Transfer

8152 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=The+In%E2%80%99s+and+Out%E2%80%99s+of+the+Form+I-9+and+E-Verify%3A+Best+Practices+to+Avoid+Steep+Penalties&url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify&xdOrigin=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&xdChannel=186e4c94-c7cf-47dc-98d7-71979c6daa48&xd_origin_host=https%3A%2F%2Fwww.hrandpayroll.com

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?description=The+In%E2%80%99s+and+Out%E2%80%99s+of+the+Form+I-9+and+E-Verify%3A+Best+Practices+to+Avoid+Steep+Penalties&url=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify&media=https%3A%2F%2Fd36ai2hkxl16us.cloudfront.net%2Fthoughtindustries%2Fimage%2Fupload%2Fa_exif%2Cc_lfill%2Cw_600%2Ch_600%2Fv1%2Fcourse-uploads%2F7d71cfc6-62ee-4cfc-8f15-ede17fde5685%2Fci71jblqc2ck-eretretrt.png

Search URL Search Domain Scan URL

URL: https://www.thoughtindustries.com/
Title: Thought Industries

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ== HTTP 302
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set the-ins-and-outs-of-the-form-i-9-and-e-verify Show response
www.hrandpayroll.com/courses/
Redirect Chain

https://dt.hrandpayrollmailer.com/t/click/OTA1NzU2LzUxMTA2Nzk3Ny8xODY0MzcxNy80ODQ5M2VlY2UwNzI0OTQyZDY4YzE5N2MzYjczMWI2ZQ==
https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements

57 KB
15 KB

743ms
252ms

Document
text/html

52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

2605cd2f9a2e600ef8dd70a820c53784c920511b26189275b4efd4d57ed2bb67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hrandpayroll.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Vary: Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=604800
X-Frame-Options: SAMEORIGIN
nonce: a1ycl8ofti6fom3gey5aeu6y
Set-Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; path=/; secure; httponly csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; path=/; secure; httponly visitId=0.3640069211761843; path=/; expires=Wed, 22 Sep 2021 16:52:44 GMT koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; path=/; secure; httponly koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; path=/; secure; httponly
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Date: Wed, 22 Sep 2021 16:22:45 GMT
Transfer-Encoding: chunked

Redirect headers

date: Wed, 22 Sep 2021 16:22:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
x-server: anime1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc1y7WfJMj1BDm1KGf0w%2BMRx1U7DkcV8BrZkfPTV0hvNhVRTQkh2KJw7oiikPDCzpJi0Sgh6jKk22r68WnO%2BGUU1UHhdBYkj7QXGZRfXuUco63bbT2PbGyOua33hIyosGJmaoVkx8HqFP01n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 692cdfae9cfa277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 6800-6bd77394ae4e2b569b73.css
d36ai2hkxl16us.cloudfront.net/v3/dist/ 695 KB
113 KB 51ms
13ms Stylesheet
text/css 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00b6b79bf0bd879c4c226f64ad36e7363b228efcac141b613ade128c7fd71afc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:05 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 17:25:02 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0e6a6549aef0c3d03cc9d2f7c681e689
age: 76121
etag: W/"0e6a6549aef0c3d03cc9d2f7c681e689"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/css; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pkpRFai-kQmpYx2cVPsRgaoyoUPlMk4MeCTwBBJeXHVna-WkAXj97Q==

GET
H2 200 1412-de18e4ae8d25b9d0d15c.css
d36ai2hkxl16us.cloudfront.net/v3/dist/ 7 KB
2 KB 46ms
8ms Stylesheet
text/css 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-de18e4ae8d25b9d0d15c.css
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49602d801eaa91a5bd55a764c0692f97ce4273f71bc552a2ac4952e5b8628df5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:05 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 00:42:03 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:02af5af5f8a1a4108e2fe1e86ff0a5e8
age: 76121
etag: W/"02af5af5f8a1a4108e2fe1e86ff0a5e8"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/css; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1vmqnsYIzyGy38zO44f0FUV-5TZQ3ToQVuLZTujg0toq7dNx2kpKdQ==

GET
H/1.1 200
OK 7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css
www.hrandpayroll.com/appearance/company/ 1 KB
1 KB 141ms
140ms Stylesheet
text/css 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

a3ddad0d85359172655db65676f5881f77cea8a0b7fe236d6cf2ab3c5d8bc4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: br
X-Content-Type-Options: nosniff
nonce: dpp9hgkx18i5ga2bjxh8j3d4
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 vendor.gulp.bundle.84a1729d.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 1 MB
290 KB 58ms
21ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e64ab45cb57337d36b6ad4fc7fc3e64befdfa65474f043193c05aa8d26de53a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 14:22:58 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 13:53:05 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:84a1729dd4d80f97f94f1d79a31c4e2d
age: 1130388
etag: W/"84a1729dd4d80f97f94f1d79a31c4e2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fJwBF0g_P0Yj92z8djxJbCfflItuphTZSptjcrGTXhR5eIXp5oLrBg==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 611 KB
116 KB 44ms
12ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a4b43fb07ad99458a8b4ae92ad50181ae3dab6be26dfcc32a91b7d1a821c364

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:45 GMT
content-encoding: br
vary: Accept-Encoding
age: 1146
x-cache: HIT, HIT
content-length: 117866
x-served-by: cache-dca17735-DCA, cache-hhn4020-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Wed, 22 Sep 2021 13:48:34 GMT
x-timer: S1632327765.330649,VS0,VE0
etag: "614b3432-1cc6a"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 248

GET
H2 200 / Show response
js.stripe.com/v3/ 252 KB
67 KB 93ms
28ms Script
application/javascript 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-61.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4092796ebf4b0ae48fca6e95f64ba8514ee39e12f39a320b8681a12847816515

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 33
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
x-amz-request-id: 60NW2912AWDWBFZG
x-amz-id-2: iT58S83UUS/5nZ8FTEAkKlASmgL8islUtCCvKLU6nID/+8ii1I+FkP8dkcWZYC1PAAyGLpzrX10=
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 01:11:52 GMT
server: AmazonS3
etag: W/"a1463552944321c59222c0605b762be4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: fgZOfFj1lI2yfEYKw95Hf5tk2cxrfMs-5RtVMuLQeAsC4WSj3S5xSA==

GET
H2 200 4919-907d4b879c412cdccc70.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 324 KB
97 KB 15ms
14ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ad73f4f1106c621eb1be25a212eeea22579eb174029a121ec3fdfda5873f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:54 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:42b17bbf825793f234f1077ea642b36b
age: 676792
etag: W/"42b17bbf825793f234f1077ea642b36b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: L6OLBR_VCkCND_FBZbFB1LKo5RJ-JxcS180gVxBWoJVOELizaIcexQ==

GET
H2 200 1412-df73cdfcd48d6b9e8bd4.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 102 B
514 B 14ms
12ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1412-df73cdfcd48d6b9e8bd4.bundle.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b24b5d0312cc95f04b1c6175d126943adc16bfee3584ea11026193a7504e713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:03:53 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jul 2021 17:52:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:dbf1d68f372ebb4fcf7a4e14e55ac43a
age: 1696733
etag: "dbf1d68f372ebb4fcf7a4e14e55ac43a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 102
x-amz-cf-id: PeP0f0qXZOVHHz9rWYz80W-G-q0ohmSgch0pjhK2ANeGG5nti5MS4Q==

GET
H2 200 6800-c947e003a81a9d0e26b5.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 343 KB
63 KB 49ms
48ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-c947e003a81a9d0e26b5.bundle.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a09b7737e114a5740774de96a70f61bb6f0aae19a4c6acc6d48eb2d3cb49be0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:05 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 17:24:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:7256ec9d8b38875342762ae26c15f880
age: 76121
etag: W/"7256ec9d8b38875342762ae26c15f880"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JUhHtJLas2R3zRR8j1Ros92THIPIHJ3s6_1wu7ZOwjdJ7TtNjEOa4A==

GET
H2 200 app-0898d772eb6c220f0b9e.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 7 KB
4 KB 29ms
29ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e09e76c14416d37e302120a42869bef9b0ee6c557ce18eda975b5a87c064d92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:05 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 17:24:53 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:d0081ef1e1fb8eadc96309d664937f35
age: 76121
etag: W/"d0081ef1e1fb8eadc96309d664937f35"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: k-g8odqglaceNrTHO_9jK8t1sLttPsqWlL2ajVwspqeWXI2iolpARg==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 69ms
29ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

9bc0b9035c5c54e7642595bc171370eb508daba1a17d6687c1d377d08365d1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:22:45 GMT
server: ESF
date: Wed, 22 Sep 2021 16:22:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 16:22:45 GMT

GET
H2 200 default Show response
embed.tawk.to/5fb53e6c920fc91564c83a75/ 2 KB
976 B 48ms
17ms Script
application/x-javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed2052884ce03ed89bf478e38959c580cb62df214f0d72d2ab31ac73a539f4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 6158
etag: W/"stable-v4-61483167bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 692cdfb5cbc05c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 53ms
16ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5445
date: Wed, 22 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 22 Sep 2021 16:52:00 GMT

GET
H2 200 zazd71fdlwwp9ucucoac.jpg
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/ 43 KB
44 KB 53ms
53ms Image
image/jpeg 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/v1499701412/zazd71fdlwwp9ucucoac.jpg

Requested by

Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/appearance/company/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b--1920c7a855--v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-179.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 23:01:44 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6542461
x-cache: Hit from cloudfront
server-timing: fastly;dur=1;cpu=0;start=2021-07-08T23:01:44.182Z;desc=hit,rtt;dur=1
content-length: 44049
last-modified: Mon, 10 Jul 2017 15:43:33 GMT
server: Cloudinary
etag: "2777382f5229810b5d5f660b94b47485"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KGfn0v1e3q2a19Ul3pemlCmwvxrKVAA2UWgUDH7zsGvS-v-2M6Cq7g==

GET
H2 200 5815-e5f006ab9975c35bd03f.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 19 KB
5 KB 26ms
24ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/5815-e5f006ab9975c35bd03f.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eaef57ceaab0c64acc7943629daba6c4c834138eb68c32db7a9057d8486c8c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:412e30bf6829d5da1b8c1a2e1fbcfbba
age: 676791
etag: W/"412e30bf6829d5da1b8c1a2e1fbcfbba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: d5M_hRVIoRNC1vdPyeadznsAzDnSYLX-_qC1V_ALo4vzBNamD7u49A==

GET
H2 200 1372-6be809301b66d5cc7962.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 19 KB
4 KB 10ms
7ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1372-6be809301b66d5cc7962.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d74cfa4e47740ff8cd9fde4fada3fa2d0f33478e868dfd892126e9388e251c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:40:14 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 16:23:47 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:e8768a836f85cb88df155374dbcb4736
age: 1442552
etag: W/"e8768a836f85cb88df155374dbcb4736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3lpkv3_OAU5AROChKv2mSHGbmhqQbtam-r85MUGZrsiGK_5g5ssz7g==

GET
H2 200 1193-92dd5b31a65c4ae62e6c.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 21 KB
6 KB 11ms
8ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1193-92dd5b31a65c4ae62e6c.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6d83cefacfe1d2b02bf70c28982b9d8cfd5228d5c1c010f97e45a5bc7b98917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:13:17 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 16:23:47 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:3ccfe634bd2cdf77f51d1fc3cba8e852
age: 612569
etag: W/"3ccfe634bd2cdf77f51d1fc3cba8e852"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PCqTSMB8xE0kw27eLbbv_PNaL3BEKeN7Bp1sBXk3IEUrPobIAgN2rg==

GET
H2 200 8320-91e9c60f3a3282091980.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 32 KB
4 KB 12ms
10ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8320-91e9c60f3a3282091980.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 791e85b8b8506f5e83cefaec053174a1103b5eae9106a9cea441e0466d5e82fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 14:08:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:d71c37e915ebbe0be075c3861e34c2e2
age: 676791
etag: W/"d71c37e915ebbe0be075c3861e34c2e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 67T3Iri1ZFztWkd3nvTZxRhWdoQR6wza2w4O7OTb9PZQNbLuwBWb6g==

GET
H2 200 8893-24ff7da0f11c7de956af.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 15 KB
3 KB 13ms
10ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8893-24ff7da0f11c7de956af.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00a07b864adc8bac32ca067ecf7bae1faacb48b2c583006f65dea8485be64277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:59:59 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 16:24:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:b11d32bb8cf7ea667173f5aa2a1aaa41
age: 3338567
etag: W/"b11d32bb8cf7ea667173f5aa2a1aaa41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Ebj5CqufNzAxNVBQNMW61TJ0qfb9WBpeYVIviiwmWhGI5H8LW0N8rA==

GET
H2 200 7764-b0329baa5e6c7ed18651.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 13 KB
3 KB 13ms
10ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/7764-b0329baa5e6c7ed18651.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36049c48883873de2904d5dab1e586964c0a9fc57035604537861b09db20d9e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:36 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:e8cf23559936472809cffbce482762fa
age: 676791
etag: W/"e8cf23559936472809cffbce482762fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Pfcjcp9BOQ2cPtibNYOuMxSFGXIrQm7ggG-Oekp_EHzvtpfvvVuqAw==

GET
H2 200 8282-c407a156755878fb4d20.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 76 KB
11 KB 13ms
10ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8282-c407a156755878fb4d20.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f54030f20de234824d8dace638f601ec2ed7d6f63205087a65fa377b781e86d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 17:16:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:cf8dfc7824475feb3a32fb7bdd1a94b3
age: 676791
etag: W/"cf8dfc7824475feb3a32fb7bdd1a94b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: aHpn78u8kNFP8E1EhWsUnsNBfjWeyZHTFkmrDf0vfSxnJ3TBv7rIKA==

GET
H2 200 4017-a68ebb49eb9c05d6d74e.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 14 KB
3 KB 14ms
10ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4017-a68ebb49eb9c05d6d74e.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dc572dd267f2996fe337488999895f2cf1f1b80e2f4c8abb5e6c217c42beefc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:13:17 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 16:23:55 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:36d1f35de519aaa680c4407ef58efd7e
age: 612569
etag: W/"36d1f35de519aaa680c4407ef58efd7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZLD3oCdw-s0oPpwwAZnvY7IeXme8TakAYigQNWPs8at3jmjs3dpRmQ==

GET
H2 200 2438-f24e15a145873b0929a8.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 17 KB
4 KB 25ms
22ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/2438-f24e15a145873b0929a8.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90d2b0510233cff4541c6014a2a1fc529deda36e8d769c79c8ce523ccd1efec8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 17:24:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0e9315b3ca2219367ed60d4fbea1c9f9
age: 76120
etag: W/"0e9315b3ca2219367ed60d4fbea1c9f9"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: v25P4TgJTMC9B2m5AX_DQXdMHxJ-xa94zcZiwttTn2YwaSKUcwJvSw==

GET
H2 200 9504-1bc2e371749316d1a0c2.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 20 KB
5 KB 25ms
21ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/9504-1bc2e371749316d1a0c2.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4371defbb2c4b1d2cc0998da9ed03dbabbbc7c7e8d84f219c2cbbb424225cfbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 21:26:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:6a86b71c5e74dbe2fcd671fba17a8e65
age: 676791
etag: W/"6a86b71c5e74dbe2fcd671fba17a8e65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: urCW_cJIsbvgLcYxbQXVeJyhcRyXVQrSejotlLuloMY04CnCkTHOdQ==

GET
H2 200 1561-8f75f5b06fc4e08f730c.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 21 KB
4 KB 25ms
22ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1561-8f75f5b06fc4e08f730c.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 858063f0b98aa6a926881c9e905161e3df72eec1e1bce66d40979c134c29e3f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:b492506ed2c074a8660cbba9e74a239d
age: 676791
etag: W/"b492506ed2c074a8660cbba9e74a239d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8uxhhMi7ex-J8qyNMc0O_yAo4q-VzRYH4vXEZ3fr1rfq_89osw8hxQ==

GET
H2 200 3889-5022b6d34c20d09e1c4a.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 144 KB
17 KB 35ms
32ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/3889-5022b6d34c20d09e1c4a.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76d79a986d18a06ac041c58c147e30a1c93f715949b1add86d960f00905f906e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:35484cadd62ffbba1cdffb2a56aafaf7
age: 676791
etag: W/"35484cadd62ffbba1cdffb2a56aafaf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oEJOQiIV2fgJUU0pJofNvbFDYLiiHhWt8WxeGYVA4kzZDmwMgABhEA==

GET
H2 200 748-6b6e7ce2a2b867c97b24.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 84 KB
12 KB 25ms
22ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/748-6b6e7ce2a2b867c97b24.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2e7eadb13210c8ea76cd5ddc0729e4e494e1daf5b3af7e5ee34ca88a9204ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:35 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:becc0f8aa712cd71131b3788f04e64a4
age: 676791
etag: W/"becc0f8aa712cd71131b3788f04e64a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: usmjn5ewjgytFk3zkPeO9PdbGV52l2vHksiUyTH6LTsDZZipgEyBow==

GET
H2 200 1798-8b22f6e976d56d3b4504.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 32 KB
6 KB 35ms
32ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1798-8b22f6e976d56d3b4504.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 045017c703164390ff405c941f7e2797bdb9a53b2c2ddabee90f0b142d66620f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 15:22:26 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:785c8dac741f316255ac462e5f4c6a20
age: 76120
etag: W/"785c8dac741f316255ac462e5f4c6a20"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _Y96HKVjbzDkF9mvx_Lyx-NPugf3C7hKMPBmYE0NaCBP2KjBkHmXRA==

GET
H2 200 8799-f350686be6eaf633f6f8.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 21 KB
4 KB 25ms
22ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8799-f350686be6eaf633f6f8.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6a1cf85600d92fbbf309d9d0011c2fb4349bb176013a13819c51ff50ea8b90d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:37 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:6d5b0a9365e5bab78855aef6309d1773
age: 676791
etag: W/"6d5b0a9365e5bab78855aef6309d1773"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BVMwYFS30yE-F6ChdiStLeDnilVLMIseNBfyuq7QqgHQYQYParxTTg==

GET
H2 200 4747-2aed91aabfc0dec2b02d.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 22 KB
4 KB 26ms
23ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4747-2aed91aabfc0dec2b02d.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 149c88660e089fdfddc792b85b71763eb12838d0ed3635fb82ea46cd65bbb80a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 23:21:16 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:44:22 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:37baeaeefab765d3a9e2f2d6fb56c13e
age: 838890
etag: W/"37baeaeefab765d3a9e2f2d6fb56c13e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZOIEqf71Y53VPBNyX-K33kr0Q85JIaT7wjuiRHc8v7qQnvAlnQN-dQ==

GET
H2 200 7750-6a182d1df8b8d8ec30e1.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 79 KB
14 KB 26ms
23ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/7750-6a182d1df8b8d8ec30e1.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32de0a2874e50bcfbdce01d8fede1aa8538233a7744d3e49f81911c55377c6e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:35 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:816eb473a47bf026ea2ec54622621a14
age: 676791
etag: W/"816eb473a47bf026ea2ec54622621a14"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: G6PpFD9onWzhV0b232A9EXKrelqfjjvkYBJfDCiQ3u3Cr2N0_F4Y_Q==

GET
H2 200 6896-cd3c0fcfd906e03fe77a.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 52 KB
8 KB 26ms
23ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6896-cd3c0fcfd906e03fe77a.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5573e3723d3818affbae59da403df9159cb760557fe3f728f9a22d6a42d63fd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:34 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:dddca4c3f782f7196066a6110c0b0172
age: 676791
etag: W/"dddca4c3f782f7196066a6110c0b0172"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Krs8LeljVHigJSJM87_862Jz8K4GH6h2jE4O3Tbh6ZoXoKl_nny5NA==

GET
H2 200 2647-599e9cf118e303c0dd3a.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 28 KB
6 KB 35ms
32ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/2647-599e9cf118e303c0dd3a.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b803e76d8f10df36e733d13a90574a2b122955b080dea2af63df56478ab57c33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:bd11c5e133286941453c0c27c12ac830
age: 676791
etag: W/"bd11c5e133286941453c0c27c12ac830"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3eFVaOxmvvD-CgwqaQ4HujEOPNfHI4qJcVghBYHVYVZQq10IymalSg==

GET
H2 200 655-b674d6e0488ce7086548.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 15 KB
4 KB 27ms
25ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/655-b674d6e0488ce7086548.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95bc885b240826113afec5f417f8976dbc42ecb2373ce9788868a5419df91b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:33 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:2022ba1e2610a5303bf548f036d34360
age: 676791
etag: W/"2022ba1e2610a5303bf548f036d34360"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BQPWDXJ_zYHT5X60XIs8Pf439rwZaMEUkgmZRPaS2sMR6cduGmfhtQ==

GET
H2 200 4097-41fd3041ad188cd204fc.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 80 KB
11 KB 27ms
25ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4097-41fd3041ad188cd204fc.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab1c42d4644a5a4fad242c723d105dab1587f7481a075ebf58a30684afa1e830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:84e9d4ce10234876c9c6238247884158
age: 676791
etag: W/"84e9d4ce10234876c9c6238247884158"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: A6bw8KghYIDWoiWJG5Omo-CDGCbRKczcqFyZzUJ6ep9mogWWmcCK2w==

GET
H2 200 3423-c0fb675b99e97a8cea7d.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 24 KB
5 KB 34ms
32ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/3423-c0fb675b99e97a8cea7d.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34942cb04a732f9c361a51d1a0c5c767c9ac7e02d2335a710ab2c90b4fadc6bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:7227617f4d14d26b046c28f291e61002
age: 676791
etag: W/"7227617f4d14d26b046c28f291e61002"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9iEC7TA3VMSH51sBzAJH292TKKCNVJYuB7ky_Dn2xb66deoU0QfluA==

GET
H2 200 6046-62f02ff80a06d47f2c58.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 24 KB
4 KB 26ms
24ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6046-62f02ff80a06d47f2c58.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 305efbdc95fd674370c2caa2b2d14428dbca655a764c2e87423defb5a92e8f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:06 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 15:33:13 GMT
server: AmazonS3
age: 76120
etag: W/"4b9c9cd4704d9ad8fc91ed230fc2953e"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: epaKaxStJptV_mWKmrnJtTWhJIlydC6QOv6RQSxLzFPd_eSa2JlnTg==

GET
H2 200 3622-eb9d4a13705299ea93c0.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 21 KB
5 KB 26ms
24ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/3622-eb9d4a13705299ea93c0.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4ad0c234031b965ad9a54fd4254392c6aadf7c4a7d8fc6039ff8da538d1f5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:b2e4c6c7c964761cae57098ee70641ff
age: 676791
etag: W/"b2e4c6c7c964761cae57098ee70641ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cuJJv1FeteRbDaR3owFOfzZWv2_w5PbhYu2xJyyGWrQkS9l8BobwsQ==

GET
H2 200 3464-f61abc36aa4d8f5627b3.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 19 KB
4 KB 27ms
26ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/3464-f61abc36aa4d8f5627b3.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6109c96d40793c803c9c7d62245516e0540916416aeb7a28a7a281cfa9782c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:20:13 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 16:23:54 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c7fde918de895f9cc71ab30f14972ee1
age: 4312953
etag: W/"c7fde918de895f9cc71ab30f14972ee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GT9YBu8m9pBhxDWu2c8ufQ_AMTTU2UFt9Ju8kYUY34S2GR2QWJhg4Q==

GET
H2 200 7970-7a31bbf02157952b54a1.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 18 KB
5 KB 27ms
26ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/7970-7a31bbf02157952b54a1.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca4b8ac1dd404575bb669c07a653c378aeb907651b7369440f1e70bf86b0db2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:36 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:f53e8b08478c380ea4cdc6b402eca222
age: 676791
etag: W/"f53e8b08478c380ea4cdc6b402eca222"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: t21hRuKVgs9ty6dd7Z6pNQ66NBUB3ioB2c_-1wO3hKtw-4PnKNRgcg==

GET
H2 200 1988-2db68516f8b37cc6db76.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 1 MB
162 KB 43ms
42ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/1988-2db68516f8b37cc6db76.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb481741fcc0a89db407810577d0bbe5560c547a7353efce1b191aa3657dabf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 17:24:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:41c901635d6a8560b01cb859d4bef799
age: 76120
etag: W/"41c901635d6a8560b01cb859d4bef799"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DyjnAR4iZERNcuP5QYBQy9wABl1vggNF05e7EWy73PEhxEA3HTOLZA==

GET
H2 200 2345-152f6a9cdafa93a1c8d0.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 12 KB
3 KB 28ms
27ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/2345-152f6a9cdafa93a1c8d0.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcb82635faab53e8f4da8621aab0ab40d3e5c08e45c86348d319f35262f3320b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:26 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0354cfc886696d2a366101c6310566e5
age: 676791
etag: W/"0354cfc886696d2a366101c6310566e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z0q8EkBGLU_niIs1Yg1JG8w3OO7pE4c7wyCupKn5jNoMGslxdYuMjA==

GET
H2 200 9564-b6a15b380d20766bd404.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 46 KB
8 KB 28ms
27ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/9564-b6a15b380d20766bd404.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98b158ad5698e0a0905ab6399f960451f8254420301b1fffae143f58cd42b51f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:56 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:50d509b4f236577e953fa3e9f7d12b2a
age: 676790
etag: W/"50d509b4f236577e953fa3e9f7d12b2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OijnhY1VSHYdPNHWn-DpbyhkbyVde4XM3Iol6O_7ThqjBAd2QndUfA==

GET
H2 200 8413-ae660815c2d7c6d39f8a.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 43 KB
7 KB 38ms
38ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8413-ae660815c2d7c6d39f8a.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 128ec282be568988b2c99db759825d407ab4823bea477a3c6be3c0c00612c802

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:22:56 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:36 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:fcead44464b6b4d1664baafbc231fd76
age: 676790
etag: W/"fcead44464b6b4d1664baafbc231fd76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qozI_KfqEO8V7gOfKbjOPEet3_WxgQ4aKoa6iy8dtiaEtV1i9uY08A==

GET
H2 200 4935-584a0e506ef6dfc31975.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 61 KB
10 KB 35ms
34ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4935-584a0e506ef6dfc31975.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc1b40576d26bec5320424aa50da1f6a95c0aa588542ee26a6dea9169902498b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:23:04 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:21:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:17fac24dd859d3d81920abeecd75a67a
age: 676782
etag: W/"17fac24dd859d3d81920abeecd75a67a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hMuQKFD6EHB7LupoX-YLy1ByfE3GzjlLEkfp7bohMQxNZQvoc-SAFA==

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame F456 215 B
969 B 31ms
30ms Document
text/html 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-61.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hrandpayroll.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: 7BLLiJ1gHrxR5/kRpUgXri9j/MhI5X+SwKW9nYdJNFbRc12NHz/0pctqArC7jxIBe7xoJno4r6Y=
x-amz-request-id: CJDF9R78BB42M5ES
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
x-edge-origin-shield-skipped: 0
date: Wed, 22 Sep 2021 16:22:10 GMT
cache-control: max-age=60
etag: "9475bd26486e6119b23924eebd3d561a"
x-cache: Hit from cloudfront
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 95G2fEQdVn5j2xq18xy9E4LdnwmKTMrVO9tad_I3Cmqe-8590OGU1Q==
age: 35

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 15ms
15ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Sep 2021 17:16:13 GMT

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F456 1 KB
2 KB 24ms
24ms Script
application/javascript 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-61.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"01f873d478053c6a0368329ea08f7a10"
age: 32
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
x-amz-request-id: YGTEE86DW9FT29Q3
x-amz-id-2: +JLOt/VPb6id54QNpxQYIxR0G27wKadkHiY0/nuXO+KOe1wJ3nU20+o436UY2S++CYuv+2ycA0c=
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
date: Wed, 22 Sep 2021 16:22:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: B-tqnPKHkpJxo0XtP1vadDfszDJp7wsOlUsrSUuVNcVSmUJWBNzd7Q==

GET
H/1.1 200
OK cart Show response
www.hrandpayroll.com/orders/ 37 B
493 B 224ms
224ms XHR
application/json 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/orders/cart

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
nonce: a1ycl8ofti6fom3gey5aeu6y
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection: keep-alive
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: a1ycl8ofti6fom3gey5aeu6y
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Date: Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 37
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 7f70b6a0-3ce8-4775-bc3e-c5befada0e1b Show response
www.hrandpayroll.com/learn/appearanceBlocks/ 741 B
1 KB 116ms
116ms XHR
application/json 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/appearanceBlocks/7f70b6a0-3ce8-4775-bc3e-c5befada0e1b

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

8fce468a96af3813141e60e330274e58d8a8b7fae01f24aef07e162fc3873de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
nonce: a1ycl8ofti6fom3gey5aeu6y
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection: keep-alive
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: a1ycl8ofti6fom3gey5aeu6y
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: ohr3z3pfpe95m149zzk6y7g1
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 741
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK a61ba6d5-8e84-458c-99d4-390ccdc78b46 Show response
www.hrandpayroll.com/learn/micrositeFooterBlocks/ 320 B
722 B 242ms
127ms XHR
application/json 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/micrositeFooterBlocks/a61ba6d5-8e84-458c-99d4-390ccdc78b46

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
nonce: a1ycl8ofti6fom3gey5aeu6y
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection: keep-alive
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: a1ycl8ofti6fom3gey5aeu6y
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: 1ac0uguefrhyr6z3zjhxd8xb
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 320
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 288d778f-8c4f-42fe-8342-9ed9842f2da8 Show response
www.hrandpayroll.com/learn/micrositeHeaderBlocks/ 599 B
1001 B 297ms
112ms XHR
application/json 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/micrositeHeaderBlocks/288d778f-8c4f-42fe-8342-9ed9842f2da8?

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

1823032a9fe743626313a25beaaa1e473778dcb343043736eee4350b3aabfda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
nonce: a1ycl8ofti6fom3gey5aeu6y
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766
Connection: keep-alive
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: */*
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: a1ycl8ofti6fom3gey5aeu6y
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: 9peqkp46g4i2snw64tg221xn
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 599
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 98B4 932 B
1 KB 55ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
accept-ranges: bytes
date: Wed, 22 Sep 2021 16:22:45 GMT
via: 1.1 varnish
age: 62
x-served-by: cache-fra19168-FRA
x-cache: HIT
x-cache-hits: 55
x-timer: S1632327766.887133,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 932

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/ 30 KB
31 KB 58ms
17ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 17:48:25 GMT
x-content-type-options: nosniff
age: 254060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:04:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 17:48:25 GMT

POST
H2 421 csp-report
q.stripe.com/ Frame 98B4 96 B
260 B 694ms
169ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.hrandpayroll.com
URL: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: 584031dc928dc12e2556bfc8692ef390bb6d43c3eaa3527707ca8486f1fe48f0

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
x-envoy-upstream-service-time: 0
x-stripe-response-code-rewrite: 502
server: nginx
x-stripe-no-route: cdn-csp-report-srv.service.envoy
content-length: 96
content-type: text/plain

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 98B4 85 KB
85 KB 6ms
6ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 varnish
x-content-type-options: nosniff
server: Fastly
age: 3
date: Wed, 22 Sep 2021 16:22:45 GMT
x-served-by: cache-fra19168-FRA
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: application/javascript
cache-control: max-age=300, public
accept-ranges: bytes
x-timer: S1632327766.901051,VS0,VE0
content-length: 87228
x-cache-hits: 2

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 121 B
507 B 28ms
18ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151828
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a26699b-FRA

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 76 KB
27 KB 38ms
30ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151828
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a31699b-FRA

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 191 KB
57 KB 36ms
28ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee71aa15bd6f5e9f650cb2fd28073635fe050d7e71b61a7dae31094f5466236

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"f5397b5e368531031773bbfe6ac26ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a20699b-FRA

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 136 KB
34 KB 77ms
69ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509e2fdc820147df1cdc5f27fca75ad561761f95af1b68faab42160013f8f2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151828
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"9bc7c334899155070faef320af658bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a1f699b-FRA

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 2 KB
1 KB 30ms
22ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631105904eaf607e58b401a5bb1b8cf111d9c22e0576a6571cb39077aaac3211

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"c9988f3f6096def2f280e804e16e18fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a28699b-FRA

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 151 B
495 B 49ms
41ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fb53e6c920fc91564c83a75/default

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfb98a1a699b-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 98B4 156 B
517 B 2971ms
172ms XHR
text/plain 54.186.42.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-42-192.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9c6629528a3fe2e5226157b8650be9f9cbe5a47331854f9a1963b8fc865a0f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Sep 2021 16:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H2 200 register Show response
va.tawk.to/ 1 KB
2 KB 231ms
201ms Fetch
application/json 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2b45d45011a0d727a9a44bde08ed051561eb0f100f1c3991117f16df27f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-3sxk
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.hrandpayroll.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 692cdfba5dc9323c-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 523ms
509ms Fetch
application/json 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5fb53e6c920fc91564c83a75&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e443ba2a4d5822b7d8ff47e94a53966d25055e9cc22fc952f8aea2512d3de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-lh56
server: cloudflare
etag: W/"2-8-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 692cdfba3edd5c74-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 8243-4649b242c2369269c87f.bundle.js Show response
d36ai2hkxl16us.cloudfront.net/v3/dist/ 552 KB
130 KB 67ms
66ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/8243-4649b242c2369269c87f.bundle.js
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/app-0898d772eb6c220f0b9e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3928531c34679a1d5bede57b36f81497b3f1769b3486fe81dfcaa7df8e1bd0fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:14:08 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 00:41:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:780338fec39ba0fbdab688e3426dcd60
age: 76119
etag: W/"780338fec39ba0fbdab688e3426dcd60"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QtgoKFe1ACCaPqqlcaopStaqMg8phVQazfMEF-zU94kyCqp7W7EJtQ==

GET
H2 200 nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 14 KB
14 KB 12ms
12ms Image
image/png 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_lfill,h_150,dpr_2.0/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/nbxkunvv9iex-HRPayrollLogoFINAL_pngfilecopy.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-179.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

b54afb8c17fa8cda50fe0ef2bc109178c905df1ed71d2836f5443ed4e86f466b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:58:17 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 203069
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
server-timing: fastly;dur=1;cpu=0;start=2021-09-20T07:58:17.203Z;desc=hit,rtt;dur=3
content-length: 13847
last-modified: Thu, 15 Oct 2020 16:10:45 GMT
server: Cloudinary
etag: "ca6beead094c4b62903dad92f4b3e2c9"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IrUw-BayQl59tYAWsAC2Jq4P0SYdCQEUA1Oz2IVG_6_XkRvVEZu_nA==

POST
H/1.1 200
OK graphql Show response
www.hrandpayroll.com/ 17 KB
5 KB 303ms
303ms Fetch
text/plain 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/graphql

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

be534bf7510c834e284b20351b1c1b7f39443c6a605381a640ce52e3cc4be58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.hrandpayroll.com
nonce: 9peqkp46g4i2snw64tg221xn
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=1632327766300
Connection: keep-alive
Content-Length: 4813
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: */*
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Content-Type: application/json
Accept: */*
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: 9peqkp46g4i2snw64tg221xn
authToken
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: br
X-Content-Type-Options: nosniff
nonce: br0hegeh0af970fynur2kak8
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

OPTIONS
H/1.1 200
OK views
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/ Frame 0
0 315ms
277ms Preflight
application/json 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Protocol: HTTP/1.1
Server: 13.32.121.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-85.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authtoken,nonce
Origin: https://www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Date: Wed, 22 Sep 2021 16:22:46 GMT
x-amzn-RequestId: 38d667c7-3214-4d56-a630-84b727367af6
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
x-amz-apigw-id: GEq9mFPRIAMFobw=
Access-Control-Allow-Methods: POST,OPTIONS
X-Cache: Miss from cloudfront
Via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: tJ5XrfMz7YBa7558NFycwTSpGoE5ZHujLAe0ZcrU_plqH9Ba8Ccn0g==

POST
H/1.1 201
Created views Show response
f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/ 224 B
881 B 378ms
377ms XHR
text/plain 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f7imwt1lmg.execute-api.us-east-1.amazonaws.com/latest/views
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-85.fra60.r.cloudfront.net
Software: /
Resource Hash: 59466721c11d4594facf64ceb667280c9d509c47142166064be0c26c7627247b

Request headers

Accept: */*
Referer: https://www.hrandpayroll.com/
nonce: 9peqkp46g4i2snw64tg221xn
Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Date: Wed, 22 Sep 2021 16:22:47 GMT
Via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
x-amzn-RequestId: b93e61ef-5472-4987-9bea-58bf72d0c476
X-Cache: Miss from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-614b5857-6ca5e0fc722092ce72f72836;Sampled=0
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Api-Version,X-CSRF-Token,Authentication,nonce,authToken
Connection: keep-alive
x-amz-apigw-id: GEq9pF44oAMFqGg=
Content-Length: 224
X-Amz-Cf-Id: 4EwqNkTSzhF43SuePM8nGWQ_iasOjqX_cjYTvl30X_ptIznVr60-uw==

GET
H/1.1 200
OK keep_alive Show response
www.hrandpayroll.com/learn/ 22 B
423 B 108ms
108ms XHR
application/json 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/learn/keep_alive

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/vendor.gulp.bundle.84a1729d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
nonce: 9peqkp46g4i2snw64tg221xn
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=0
Connection: keep-alive
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: */*
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: 9peqkp46g4i2snw64tg221xn
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: c7ndtu30fa7knyj0idkmx0xy
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Content-Length: 22
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
464 B 44ms
15ms XHR
text/plain 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-186820055-1&cid=131228663.1632327766&jid=583902432&gjid=397230188&_gid=1792467144.1632327766&_u=KGBAgEIRAAAAAE~&z=1281485553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Sep 2021 16:22:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.hrandpayroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=70683090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&dp=%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&ul=en-us&de=UTF-8&dt=%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIR~&jid=583902432&gjid=397230188&cid=131228663.1632327766&tid=UA-186820055-1&_gid=1792467144.1632327766&z=1881877954

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 00:35:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56830
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ci71jblqc2ck-eretretrt.png
d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 391 KB
392 KB 17ms
16ms Image
image/png 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d36ai2hkxl16us.cloudfront.net/thoughtindustries/image/upload/a_exif,c_fill,w_800,h_433/v1/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ci71jblqc2ck-eretretrt.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-179.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a4f7169a3076525379e4922323f84098f2631967ecf2cec540b65c33980531e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:12:18 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 11428
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
server-timing: fastly;dur=222;cpu=0;start=2021-09-22T13:12:17.916Z;desc=miss,rtt;dur=0,cloudinary;dur=131;start=2021-09-22T13:12:17.960Z
content-length: 400562
last-modified: Mon, 06 Sep 2021 11:36:09 GMT
server: Cloudinary
etag: "5b62f0f7954f60406ba4c453df9c5f1f"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xb2YfERpaq72fzm7S538uEGEXd8F-n95MGhCgfvG-iXQ818icpINEA==

GET
H2 200 j34pc39jvqs4-ApprovedProvider_Seal4.jpg
d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 9 KB
9 KB 15ms
14ms Image
image/jpeg 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/j34pc39jvqs4-ApprovedProvider_Seal4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70026d8402ecfe013750a85fa763334ad010576eb059de54e0701eda4b66340d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:57:36 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Fri, 16 Apr 2021 11:25:40 GMT
server: AmazonS3
age: 185111
etag: "25cde6b8d387381a757589b7547b8d48"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8767
x-amz-cf-id: k7JS0A8LsLvJ4Mgtz71zDkNs7-Z5niy4d-7T4ZBIGHTuzhn6w7RJnw==

GET
H2 200 jfali3gakh5h-SHRMRecertificationProviderCP-SCPSeal2021.png
d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/ 14 KB
14 KB 27ms
26ms Image
image/png 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36ai2hkxl16us.cloudfront.net/course-uploads/7d71cfc6-62ee-4cfc-8f15-ede17fde5685/jfali3gakh5h-SHRMRecertificationProviderCP-SCPSeal2021.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f1d6834ee682c971705a1a145151df34bd54fae7ccb836115cb1f7164b27d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:57:36 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 16:09:02 GMT
server: AmazonS3
age: 185111
etag: "3101f04b676133d9bcdfab25d201c2db"
x-edge-origin-shield-skipped: 0
content-type: image/png
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14112
x-amz-cf-id: C9EtRiZgL73BnRBTE5G0_TCoFMUzUOjLUL53XZWN5Kw3IS_B0Kdq5g==

GET
H3 200 XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
fonts.gstatic.com/s/sintony/v8/ 8 KB
8 KB 39ms
17ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHj2YDqR7-98cVUGYgIr9AJkw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:02:39 GMT
x-content-type-options: nosniff
age: 472807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8324
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:23:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 05:02:39 GMT

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 35ms
14ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:39:15 GMT
x-content-type-options: nosniff
age: 600211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:39:15 GMT

GET
H3 200 XoHm2YDqR7-98cVUETMtug.woff2
fonts.gstatic.com/s/sintony/v8/ 8 KB
8 KB 41ms
20ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHm2YDqR7-98cVUETMtug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:300,400,700|Sintony:300,400,700|Nunito:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 17:46:55 GMT
x-content-type-options: nosniff
age: 254151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:23:05 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 17:46:55 GMT

GET
H2 200 ti-icons-rev2.2.6.ttf
d36ai2hkxl16us.cloudfront.net/fonts/ 65 KB
65 KB 36ms
14ms Font
binary/octet-stream 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36ai2hkxl16us.cloudfront.net/fonts/ti-icons-rev2.2.6.ttf
Requested by: Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24

Request headers

Referer: https://d36ai2hkxl16us.cloudfront.net/v3/dist/6800-6bd77394ae4e2b569b73.css
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:58:19 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
vary: Origin
age: 203068
x-cache: Hit from cloudfront
content-length: 66060
last-modified: Tue, 01 Dec 2020 00:22:43 GMT
server: AmazonS3
etag: "ce4a2dfa4b9fbe97aa8b16639b1c58e7"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT
x-amz-version-id: F4shChbtuwJP5Z37P_oK8MUpB6o8ptFI
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: M5vuij61RB-V40FiLGQUElBCJ94FBRWt1NIATDsWAooq_CvpCwJ2Bg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=70683090&t=timing&_s=2&dl=https%3A%2F%2Fwww.hrandpayroll.com%2Fcourses%2Fthe-ins-and-outs-of-the-form-i-9-and-e-verify%3Futm_source%3DNewsmanapp4_092221%26utm_medium%3Demail%26utm_content%3DI9E%26utm_campaign%3DE-Verify%2Band%2BForm%2BI-9%2BRequirements&ul=en-us&de=UTF-8&dt=The%20In%E2%80%99s%20and%20Out%E2%80%99s%20of%20the%20Form%20I-9%20and%20E-Verify%3A%20Best%20Practices%20to%20Avoid%20Steep%20Penalties%20-%20HR%20and%20Payroll%20Academy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1801&pdt=100&dns=171&rrt=197&srt=252&tcp=320&dit=1340&clt=1340&_gst=1178&_gbt=1461&_u=KGBAgEIRAAAAAE~&jid=&gjid=&cid=131228663.1632327766&tid=UA-186820055-1&_gid=1792467144.1632327766&z=450354990

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 00:35:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56830
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK graphql Show response
www.hrandpayroll.com/ 130 B
526 B 137ms
136ms Fetch
text/plain 52.0.214.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrandpayroll.com/graphql

Requested by

Host: d36ai2hkxl16us.cloudfront.net
URL: https://d36ai2hkxl16us.cloudfront.net/v3/dist/4919-907d4b879c412cdccc70.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.0.214.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-214-116.compute-1.amazonaws.com

Software

Resource Hash

fbbcca06c7513f3b22bd31842d61cfebdc805a482d4719dfe6b45ee308350510

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.hrandpayroll.com
nonce: 9peqkp46g4i2snw64tg221xn
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: csrf-token=dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0; csrf-token.sig=riHNR7nOsc_Kd9q6pXNGfjA6XbU; visitId=0.3640069211761843; koa.sess=eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=; koa.sess.sig=rR5zd6B7fLTyP_ZkVmoc91gXUM4; _ga=GA1.2.131228663.1632327766; _gid=GA1.2.1792467144.1632327766; TawkConnectionTime=0; _gat=1
Connection: keep-alive
Content-Length: 462
Pragma: no-cache
Host: www.hrandpayroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
authToken
Accept: */*
Cache-Control: no-cache
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
Sec-Fetch-Site: same-origin
Content-Type: application/json
Accept: */*
Referer: https://www.hrandpayroll.com/courses/the-ins-and-outs-of-the-form-i-9-and-e-verify?utm_source=Newsmanapp4_092221&utm_medium=email&utm_content=I9E&utm_campaign=E-Verify+and+Form+I-9+Requirements
nonce: 9peqkp46g4i2snw64tg221xn
authToken
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
nonce: vcj2y1gdhr9wvdx21q3btetw
csrfToken: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
Date: Wed, 22 Sep 2021 16:22:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Content-Length: 130
X-XSS-Protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/languages/ 16 KB
4 KB 26ms
16ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4a4f6b701712b8f32107c462990f7a822fee1af946043c293b21294289bfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206447
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"c3edce989b37d8be81c7d5c99d7eba08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe1edf42cf-FRA

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 7 KB
2 KB 23ms
22ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f7042cf-FRA

GET
H3 200 twk-chunk-2d224aff.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 15 KB
4 KB 16ms
16ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d224aff.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51aebceae05d7c7bc2c7b6e081db6f193051f6da42db106e6190a327bfec3887

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"6da1d3fedb4f02e72841b12ea46a3b69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f7542cf-FRA

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 10 KB
4 KB 22ms
22ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2dd287b85e6611792422486676043848792c63fd5d37551f4b1de8575bcdb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"39ad72483ef8e38d00f38e474d3165a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f7942cf-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 16 KB
5 KB 16ms
16ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d30ff127c1558967e1b8b2ff4c67587c79fef936b5b0ca61a6f8ea02c7d4415

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"dff7e7b637ab438f5f1b10264d56ebca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f7b42cf-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 942 B
818 B 22ms
22ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f7f42cf-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 546 B
707 B 22ms
22ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f8142cf-FRA

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 11 KB
4 KB 15ms
15ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf64b7caeb2a605264e93f82d9316b04b5cea1983aaf982020ae3ea6bd836ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"bd8b7745dd473d1c97cf29616df94bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f8342cf-FRA

GET
H3 200 twk-chunk-35f53b3a.js Show response
embed.tawk.to/_s/v4/app/61483167bf6/js/ 64 KB
14 KB 24ms
24ms Script
application/javascript 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-35f53b3a.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78df5371e5481796ff1ab16bd1f6e74fd2feffc1224680500aee2155589ac3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:03 GMT
server: cloudflare
etag: W/"4f52ca0830a3e9c2a1955d242f03a199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe4f8642cf-FRA

GET
H2 200 / Show response
vsb100.tawk.to/s/ 101 B
201 B 713ms
704ms XHR
application/octet-stream 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsb100.tawk.to/s/?k=614b5856b63ea377fc8bf476&cver=0&pop=false&asver=980&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZmI1M2U2YzkyMGZjOTE1NjRjODNhNzUiLCJ2aWQiOiJjNDc2NWE5NWMzNTBhZmJlMDIwYWZmMDI0ZjZlM2FhNTAwM2QzYzYwMWU0MGVmZmY0NWM0NjcxYzgzNjIzMzk2IiwiaWF0IjoxNjMyMzI3NzY2LCJleHAiOjE2MzIzMjk1NjYsImp0aSI6Im42UVNVRGpXc0FNV3d1dkpRWVlOZiJ9.g3KTbfFv4XZ8r84ecoB-rKy0RszQEp1IY85ttISpLrp_xhUbD28raPkl0AeXADqZFQn5vKVB8LSud0cpiz9pOg&EIO=3&transport=polling&__t=NmEKHBk

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b28dc9ec4b9be36df71957cec8a2f650d2acfde53e79d5fd810a247a1f3b740

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:47 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 692cdfbe5c00323c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 2F68 24 KB
5 KB 16ms
16ms Stylesheet
text/css 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206448
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:02 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbe881442cf-FRA
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 8247 37 KB
8 KB 13ms
13ms Stylesheet
text/css 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206448
cf-polished: origSize=37650
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:02 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbea85742cf-FRA
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 2593 13 KB
3 KB 14ms
14ms Stylesheet
text/css 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206448
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:02 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbeb88542cf-FRA
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame 2F68 7 KB
591 B 30ms
16ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 15:06:42 GMT
server: ESF
date: Wed, 22 Sep 2021 16:22:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 16:22:46 GMT

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame FBA6 72 KB
14 KB 15ms
15ms Stylesheet
text/css 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21c61919ec004e9d18cfb704145ae487ec9add63437f5b09d84aa04944db103

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206448
cf-polished: origSize=73817
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 07:01:02 GMT
server: cloudflare
etag: W/"892ddb1a25ecef753428866428aea000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbec8b042cf-FRA
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame 8247 7 KB
591 B 18ms
16ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 15:10:00 GMT
server: ESF
date: Wed, 22 Sep 2021 16:22:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 16:22:46 GMT

GET
H3 200 9-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 2593 5 KB
2 KB 13ms
13ms Image
image/svg+xml 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/9-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f95cc2911bff5a94bf4eed95499541b28eb9af83d2da096aa700461fb434bfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2414080
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:17 GMT
server: cloudflare
etag: W/"698f16ea8000954f23df2cf2572b6349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 692cdfbec8c242cf-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame FBA6 7 KB
591 B 26ms
26ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 15:07:33 GMT
server: ESF
date: Wed, 22 Sep 2021 16:22:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 16:22:46 GMT

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 2593 10 KB
11 KB 17ms
16ms Font
font/woff2 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151824
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 692cdfbee919699b-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
53 KB 42ms
27ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2710344
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19134-FRA, cache-hhn4062-HHN
date: Wed, 22 Sep 2021 16:22:46 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 2F68 23 KB
23 KB 14ms
13ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hrandpayroll.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 294180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:39:46 GMT

GET
H3 200 / Show response
vsb100.tawk.to/s/ 77 B
389 B 323ms
323ms XHR
application/octet-stream 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4ed88c0bd10672c1b55d0b627ac42a39999024fdc7e1a566ab25fa2df67f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:47 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 692cdfc2cb7042cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
388 B 195ms
194ms Fetch
text/html 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Sep 2021 16:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-dh24
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hrandpayroll.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 692cdfc4d9a3699b-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 / Show response
vsb100.tawk.to/s/ 4 B
314 B 681ms
681ms XHR
application/octet-stream 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrandpayroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:22:48 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 692cdfc4d8b442cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4

POST
H3 200 / Show response
vsb100.tawk.to/s/ 2 B
307 B 214ms
213ms XHR
text/html 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrandpayroll.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Sep 2021 16:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: https://www.hrandpayroll.com
access-control-allow-credentials: true
cf-ray: 692cdfc7f8a442cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hrandpayroll.com/	1969-12-31 23:59:59	Name: csrf-token Value: dhPiOR0W-Q5raGCLEKaeXTllcXEj5lXrejp0
www.hrandpayroll.com/	1969-12-31 23:59:59	Name: csrf-token.sig Value: riHNR7nOsc_Kd9q6pXNGfjA6XbU
www.hrandpayroll.com/	1970-01-19 21:25:29	Name: visitId Value: 0.3640069211761843
www.hrandpayroll.com/	1969-12-31 23:59:59	Name: koa.sess Value: eyJzZWNyZXQiOiI2Unl2Qk8wU3pwRzVlYi0wS3A0aFhlY1ciLCJfZXhwaXJlIjoxNjMyNDE0MTY0OTQ4LCJfbWF4QWdlIjo4NjQwMDAwMH0=
www.hrandpayroll.com/	1969-12-31 23:59:59	Name: koa.sess.sig Value: rR5zd6B7fLTyP_ZkVmoc91gXUM4
.hrandpayroll.com/	1970-01-20 14:56:39	Name: _ga Value: GA1.2.131228663.1632327766
.hrandpayroll.com/	1970-01-19 21:26:54	Name: _gid Value: GA1.2.1792467144.1632327766
va.tawk.to/	1969-12-31 23:59:59	Name: ss Value: ab1kxqt1ae
va.tawk.to/	1970-01-20 01:44:39	Name: tawkUUID Value: %2BgCuTupHEURMPizEfyhQEtcrC0w2sqTsDMWWY4cKFN7Uird197jk7OaNT8M2t2cl%7C%7C2
www.hrandpayroll.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.hrandpayroll.com/	1970-01-19 21:25:27	Name: _gat Value: 1
.hrandpayroll.com/	1970-01-20 01:44:39	Name: __tawkuuid Value: e::hrandpayroll.com::LQQnY6Wt1r6+WMJZmPlWRVaAjmd8sKLcP8dQJH6WirFFTvazqT4soVff8+bvXPjq::2
m.stripe.com/	1970-01-20 14:56:39	Name: m Value: a87dc57b-292c-4c23-a785-e2204c16eedcb27ad2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://q.stripe.com/csp-report Message: Failed to load resource: the server responded with a status of 421 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
d36ai2hkxl16us.cloudfront.net
dt.hrandpayrollmailer.com
embed.tawk.to
f7imwt1lmg.execute-api.us-east-1.amazonaws.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
stats.g.doubleclick.net
va.tawk.to
vsb100.tawk.to
www.google-analytics.com
www.hrandpayroll.com
104.21.75.51
104.22.24.131
13.32.121.85
142.250.185.195
142.250.186.74
142.250.186.78
143.204.101.179
143.204.98.61
151.101.193.229
151.101.2.110
151.101.64.176
172.67.38.66
52.0.214.116
54.186.23.98
54.186.42.192
74.125.71.155
00a07b864adc8bac32ca067ecf7bae1faacb48b2c583006f65dea8485be64277
00b6b79bf0bd879c4c226f64ad36e7363b228efcac141b613ade128c7fd71afc
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
045017c703164390ff405c941f7e2797bdb9a53b2c2ddabee90f0b142d66620f
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0dc572dd267f2996fe337488999895f2cf1f1b80e2f4c8abb5e6c217c42beefc
128ec282be568988b2c99db759825d407ab4823bea477a3c6be3c0c00612c802
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
149c88660e089fdfddc792b85b71763eb12838d0ed3635fb82ea46cd65bbb80a
16b2b45d45011a0d727a9a44bde08ed051561eb0f100f1c3991117f16df27f52
1823032a9fe743626313a25beaaa1e473778dcb343043736eee4350b3aabfda4
1a4b43fb07ad99458a8b4ae92ad50181ae3dab6be26dfcc32a91b7d1a821c364
2605cd2f9a2e600ef8dd70a820c53784c920511b26189275b4efd4d57ed2bb67
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b24b5d0312cc95f04b1c6175d126943adc16bfee3584ea11026193a7504e713
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
305efbdc95fd674370c2caa2b2d14428dbca655a764c2e87423defb5a92e8f0f
32de0a2874e50bcfbdce01d8fede1aa8538233a7744d3e49f81911c55377c6e4
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
34942cb04a732f9c361a51d1a0c5c767c9ac7e02d2335a710ab2c90b4fadc6bf
36049c48883873de2904d5dab1e586964c0a9fc57035604537861b09db20d9e7
3928531c34679a1d5bede57b36f81497b3f1769b3486fe81dfcaa7df8e1bd0fa
4092796ebf4b0ae48fca6e95f64ba8514ee39e12f39a320b8681a12847816515
4371defbb2c4b1d2cc0998da9ed03dbabbbc7c7e8d84f219c2cbbb424225cfbf
446eb45445ebc42055caeb49fc288b1e93498311bf7ef4673a9e2db57171409d
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
49602d801eaa91a5bd55a764c0692f97ce4273f71bc552a2ac4952e5b8628df5
4d30ff127c1558967e1b8b2ff4c67587c79fef936b5b0ca61a6f8ea02c7d4415
509e2fdc820147df1cdc5f27fca75ad561761f95af1b68faab42160013f8f2c3
51aebceae05d7c7bc2c7b6e081db6f193051f6da42db106e6190a327bfec3887
5573e3723d3818affbae59da403df9159cb760557fe3f728f9a22d6a42d63fd3
584031dc928dc12e2556bfc8692ef390bb6d43c3eaa3527707ca8486f1fe48f0
59466721c11d4594facf64ceb667280c9d509c47142166064be0c26c7627247b
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5b28dc9ec4b9be36df71957cec8a2f650d2acfde53e79d5fd810a247a1f3b740
631105904eaf607e58b401a5bb1b8cf111d9c22e0576a6571cb39077aaac3211
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4a4f6b701712b8f32107c462990f7a822fee1af946043c293b21294289bfe7
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
6f2dd287b85e6611792422486676043848792c63fd5d37551f4b1de8575bcdb3
6f54030f20de234824d8dace638f601ec2ed7d6f63205087a65fa377b781e86d
70026d8402ecfe013750a85fa763334ad010576eb059de54e0701eda4b66340d
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
769d05e66129d07f000aaa2857f96cb208ceb8e9a65175430ee3e747bde97abd
76d79a986d18a06ac041c58c147e30a1c93f715949b1add86d960f00905f906e
78df5371e5481796ff1ab16bd1f6e74fd2feffc1224680500aee2155589ac3cf
791e85b8b8506f5e83cefaec053174a1103b5eae9106a9cea441e0466d5e82fe
7ee71aa15bd6f5e9f650cb2fd28073635fe050d7e71b61a7dae31094f5466236
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858063f0b98aa6a926881c9e905161e3df72eec1e1bce66d40979c134c29e3f7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fce468a96af3813141e60e330274e58d8a8b7fae01f24aef07e162fc3873de4
90d2b0510233cff4541c6014a2a1fc529deda36e8d769c79c8ce523ccd1efec8
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9377ac882a4e9b858aacee6d8451768b9d851a4aab5ac966ead2b1470f3b8e24
93ad73f4f1106c621eb1be25a212eeea22579eb174029a121ec3fdfda5873f9c
95bc885b240826113afec5f417f8976dbc42ecb2373ce9788868a5419df91b05
98b158ad5698e0a0905ab6399f960451f8254420301b1fffae143f58cd42b51f
9bc0b9035c5c54e7642595bc171370eb508daba1a17d6687c1d377d08365d1f4
9c6629528a3fe2e5226157b8650be9f9cbe5a47331854f9a1963b8fc865a0f5f
9f1d6834ee682c971705a1a145151df34bd54fae7ccb836115cb1f7164b27d3e
a09b7737e114a5740774de96a70f61bb6f0aae19a4c6acc6d48eb2d3cb49be0e
a3ddad0d85359172655db65676f5881f77cea8a0b7fe236d6cf2ab3c5d8bc4de
a4f7169a3076525379e4922323f84098f2631967ecf2cec540b65c33980531e7
a6d83cefacfe1d2b02bf70c28982b9d8cfd5228d5c1c010f97e45a5bc7b98917
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aa4ed88c0bd10672c1b55d0b627ac42a39999024fdc7e1a566ab25fa2df67f62
ab1c42d4644a5a4fad242c723d105dab1587f7481a075ebf58a30684afa1e830
b2e7eadb13210c8ea76cd5ddc0729e4e494e1daf5b3af7e5ee34ca88a9204ecf
b54afb8c17fa8cda50fe0ef2bc109178c905df1ed71d2836f5443ed4e86f466b
b7e443ba2a4d5822b7d8ff47e94a53966d25055e9cc22fc952f8aea2512d3de7
b803e76d8f10df36e733d13a90574a2b122955b080dea2af63df56478ab57c33
bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1
bc1b40576d26bec5320424aa50da1f6a95c0aa588542ee26a6dea9169902498b
be534bf7510c834e284b20351b1c1b7f39443c6a605381a640ce52e3cc4be58f
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
ca4b8ac1dd404575bb669c07a653c378aeb907651b7369440f1e70bf86b0db2a
cf64b7caeb2a605264e93f82d9316b04b5cea1983aaf982020ae3ea6bd836ee8
dcb82635faab53e8f4da8621aab0ab40d3e5c08e45c86348d319f35262f3320b
e09e76c14416d37e302120a42869bef9b0ee6c557ce18eda975b5a87c064d92f
e21c61919ec004e9d18cfb704145ae487ec9add63437f5b09d84aa04944db103
e4ad0c234031b965ad9a54fd4254392c6aadf7c4a7d8fc6039ff8da538d1f5a6
e4d74cfa4e47740ff8cd9fde4fada3fa2d0f33478e868dfd892126e9388e251c
e6109c96d40793c803c9c7d62245516e0540916416aeb7a28a7a281cfa9782c9
e64ab45cb57337d36b6ad4fc7fc3e64befdfa65474f043193c05aa8d26de53a0
e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
eaef57ceaab0c64acc7943629daba6c4c834138eb68c32db7a9057d8486c8c78
eb481741fcc0a89db407810577d0bbe5560c547a7353efce1b191aa3657dabf3
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
ed2052884ce03ed89bf478e38959c580cb62df214f0d72d2ab31ac73a539f4bd
ee685f9d7cb5b597ec3e74bbff5f3dd31ab69cf9315ddcb9cdfe991b2da649f6
ef7f208ee05b21c55a88213ab9fe90d3fa3a8fc6349b46bb576d31dc3150909c
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6a1cf85600d92fbbf309d9d0011c2fb4349bb176013a13819c51ff50ea8b90d
f95cc2911bff5a94bf4eed95499541b28eb9af83d2da096aa700461fb434bfb5
fbbcca06c7513f3b22bd31842d61cfebdc805a482d4719dfe6b45ee308350510
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.hrandpayroll.com Open in urlscan Pro 52.0.214.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

100 %HTTPS

0 %IPv6

13 Domains

17 Subdomains

15 IPs

2 Countries

2261 kBTransfer

8152 kBSize

13 Cookies

5 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hrandpayroll.com Open in urlscan Pro
52.0.214.116 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

2261 kB
Transfer

8152 kB
Size

13
Cookies

108 HTTP transactions
0 data transactions