Submitted URL: https://hr4you.edassist.com/
Effective URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Submission: On August 09 via manual from IN

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 126 HTTP transactions. The main IP is 216.245.141.234, located in United States and belongs to SRS-6-Z-7381, US. The main domain is bhlogin.brighthorizons.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 22nd 2021. Valid for: a year.
This is the only time bhlogin.brighthorizons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 216.245.141.172 7381 (SRS-6-Z-7381)
17 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 13.225.78.63 16509 (AMAZON-02)
6 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 2a03:2880:f01... 32934 (FACEBOOK)
12 2a03:2880:f11... 32934 (FACEBOOK)
3 3 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 108.174.10.14 14413 (LINKEDIN)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.224.222.60 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 216.245.141.171 7381 (SRS-6-Z-7381)
2 143.204.98.123 16509 (AMAZON-02)
1 151.101.13.27 54113 (FASTLY)
2 65.9.49.42 16509 (AMAZON-02)
2 162.247.242.18 23467 (NEWRELIC-...)
1 13 216.245.141.234 7381 (SRS-6-Z-7381)
2 143.204.98.79 16509 (AMAZON-02)
3 3 34.252.144.15 16509 (AMAZON-02)
1 3 143.204.98.23 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
126 25
Domain Requested by
17 www.google-analytics.com hr4you.edassist.com
www.google-analytics.com
www.googletagmanager.com
13 bhlogin.brighthorizons.com 1 redirects hr4you.edassist.com
bhlogin.brighthorizons.com
12 www.facebook.com hr4you.edassist.com
bhlogin.brighthorizons.com
9 www.gstatic.com www.google.com
www.gstatic.com
9 www.google.com hr4you.edassist.com
bhlogin.brighthorizons.com
www.gstatic.com
www.google.com
9 hr4you.edassist.com hr4you.edassist.com
8 connect.facebook.net hr4you.edassist.com
connect.facebook.net
6 bat.bing.com www.googletagmanager.com
bat.bing.com
hr4you.edassist.com
bhlogin.brighthorizons.com
5 fonts.gstatic.com www.google.com
5 www.googletagmanager.com hr4you.edassist.com
www.googletagmanager.com
bhlogin.brighthorizons.com
3 segments.company-target.com 1 redirects
3 match.prod.bidr.io 3 redirects
3 www.google.de hr4you.edassist.com
3 stats.g.doubleclick.net hr4you.edassist.com
www.google-analytics.com
3 px.ads.linkedin.com 3 redirects
2 id.rlcdn.com
2 api.company-target.com hr4you.edassist.com
tag.demandbase.com
2 bam.nr-data.net js-agent.newrelic.com
hr4you.edassist.com
2 tag.demandbase.com hr4you.edassist.com
2 vars.hotjar.com static.hotjar.com
2 svc.edassist.com hr4you.edassist.com
2 script.hotjar.com static.hotjar.com
2 px4.ads.linkedin.com hr4you.edassist.com
bhlogin.brighthorizons.com
2 snap.licdn.com hr4you.edassist.com
2 static.hotjar.com www.googletagmanager.com
1 js-agent.newrelic.com hr4you.edassist.com
1 www.linkedin.com 1 redirects
126 27

This site contains links to these domains. Also see Links.

Domain
www.brighthorizons.com
Subject Issuer Validity Valid
*.edassist.com
Entrust Certification Authority - L1K
2020-05-05 -
2022-08-04
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-07-06 -
2022-01-06
6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-05 -
2022-06-06
a year crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2
2020-10-14 -
2021-11-15
a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh
bhlogin.brighthorizons.com
Entrust Certification Authority - L1K
2021-06-22 -
2022-07-21
a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2
2020-10-09 -
2021-10-28
a year crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2
2019-06-19 -
2021-08-18
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh

This page contains 6 frames:

Primary Page: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Frame ID: E883714187CEADD5AC69A5212277A9D6
Requests: 105 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 24BE1E3C508F290B0D13AC537AB56C2F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Frame ID: 7257F9F2ABE5A7B522E1E23D35A52EC9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Frame ID: 78C1936122EF683668A352CA5899876B
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 78E1740505135D68FD006A4CCAB2ABE7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Frame ID: 4E53181AEF438A22D214EF8EB769532C
Requests: 11 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://hr4you.edassist.com/ Page URL
  2. https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0... HTTP 301
    https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&is... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

126
Requests

96 %
HTTPS

48 %
IPv6

20
Domains

27
Subdomains

25
IPs

4
Countries

3666 kB
Transfer

12723 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hr4you.edassist.com/ Page URL
  2. https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8 HTTP 301
    https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116151%26time%3D1628497785163%26url%3Dhttps%253A%252F%252Fhr4you.edassist.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811
Request Chain 52
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
Request Chain 84
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA
Request Chain 109
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
hr4you.edassist.com/
2 KB
1 KB
Document
General
Full URL
https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9866f5265b6fb988b9989ca2035c8e47c154b8e5b976df0a0ea680bea3923cd5

Request headers

Host
hr4you.edassist.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Age
3
Date
Mon, 09 Aug 2021 08:29:41 GMT
Cache-Control
private
Connection
Keep-Alive
Via
NS-CACHE-9.3: 27
ETag
"02f80a88085d71:0"
Content-Type
text/html
Last-Modified
Fri, 30 Jul 2021 20:22:46 GMT
Accept-Ranges
bytes
Server
Microsoft-IIS/8.5
ntCoent-Length
2058
Content-Encoding
gzip
Content-Length
937
global-92269239bb.css
hr4you.edassist.com/dist/css/
796 KB
182 KB
Stylesheet
General
Full URL
https://hr4you.edassist.com/dist/css/global-92269239bb.css
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
466da5a789662c476755af73ad431b55280f584a8b29d9355c3770bec1e002b0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://hr4you.edassist.com/
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
814641
Date
Mon, 09 Aug 2021 08:29:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 20:22:46 GMT
Server
Microsoft-IIS/8.5
ETag
"02f80a88085d71:0"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
sprite.css
hr4you.edassist.com/dist/assets/icons/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://hr4you.edassist.com/dist/assets/icons/css/sprite.css
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
49b19b372b6bcaa0420f557e413988d5d28beb313e0f228208f7afcbac38d60b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://hr4you.edassist.com/
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
22298
Date
Mon, 09 Aug 2021 08:29:41 GMT
Via
NS-CACHE-9.3: 27
Last-Modified
Fri, 30 Jul 2021 20:23:18 GMT
Server
Microsoft-IIS/8.5
Age
3
ETag
"0ff92bb8085d71:0"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
3515
env.js
hr4you.edassist.com/dist/js/
353 B
655 B
Script
General
Full URL
https://hr4you.edassist.com/dist/js/env.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
96601e0f254362feb25ae1ef3cf9c237bab435f76ec6170161a656fd249f10e6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://hr4you.edassist.com/
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:41 GMT
Via
NS-CACHE-9.3: 27
Last-Modified
Tue, 03 Aug 2021 10:51:44 GMT
Server
Microsoft-IIS/8.5
Age
3
ETag
"316f758c5588d71:0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
353
vendor-7597f552f9.core.js
hr4you.edassist.com/dist/js/
2 MB
576 KB
Script
General
Full URL
https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a24500966d99ebc2ac4bfea809d2f05a3356beb5d22e15457ba0b8ed0acc0ca7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://hr4you.edassist.com/
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 20:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0c43ab38085d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
589124
edassist-ee0eef9186.core.js
hr4you.edassist.com/dist/js/
4 MB
793 KB
Script
General
Full URL
https://hr4you.edassist.com/dist/js/edassist-ee0eef9186.core.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f4a0e0f07710200d324f749d2f028885bb01fdaa4406365ecc3d78bd2c347009

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://hr4you.edassist.com/
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 20:22:46 GMT
Server
Microsoft-IIS/8.5
ETag
"02f80a88085d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
812215
muli-regular.woff2
hr4you.edassist.com/dist/fonts/
19 KB
20 KB
Font
General
Full URL
https://hr4you.edassist.com/dist/fonts/muli-regular.woff2
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2037b7a2a76c8315c06af6189a2d1fff476fae2ba82d72127283090729c0a41b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://hr4you.edassist.com
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://hr4you.edassist.com/dist/css/global-92269239bb.css
Connection
keep-alive
Origin
https://hr4you.edassist.com
Referer
https://hr4you.edassist.com/dist/css/global-92269239bb.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:41 GMT
Via
NS-CACHE-9.3: 27
Last-Modified
Fri, 30 Jul 2021 20:22:46 GMT
Server
Microsoft-IIS/8.5
Age
3
ETag
"02f80a88085d71:0"
Content-Type
font/x-woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19804
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4563
date
Mon, 09 Aug 2021 07:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 09 Aug 2021 09:13:41 GMT
gtm.js
www.googletagmanager.com/
268 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70292
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Aug 2021 08:29:44 GMT
js
www.googletagmanager.com/gtag/
127 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51131
x-xss-protection
0
expires
Mon, 09 Aug 2021 08:29:45 GMT
js
www.googletagmanager.com/gtag/
127 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VBG2PWG49C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bfc7d7a0574a286b2e412cc933773a2419cb09a207fc0c31b34664cb53ed6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Mon, 09 Aug 2021 08:29:45 GMT
js
www.google-analytics.com/gtm/
131 KB
44 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-MCWHWCV&t=gtm4&cid=1350957251.1628497785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb56969a1925d01c3b02ad4e17b3d63ad50fa1b280c6be8e8db1387dcd007062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45007
x-xss-protection
0
expires
Mon, 09 Aug 2021 08:29:45 GMT
hotjar-1090331.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-63.fra2.r.cloudfront.net
Software
/
Resource Hash
68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
2
etag
W/9cd6dd44b76a0ba1809e68dec4a6befd
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1915
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-id
oFaQTRqUJUX3q0Z7b5Mu6F8UI0wAlGdqEmbIDG5ABKnbG8Elbka-rA==
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:44 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref
Ref A: F8D6B4874A7345FF99156AA29DCA9339 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
etag
"80f2963dde83d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9024
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=61024
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
fbds.js
connect.facebook.net/en_US/
4 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
r1cLcDOYA4KFNsjblsAmsQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2168
x-fb-rlafr
0
x-fb-debug
F0QIMtoUEpObPWDFVR7zWcoJi0iDdSyMUF98ve2HTtlkzU5N1CKtmdo8jn//WycIyXFZ1XJLF9BJOUjIyr0iTA==
x-fb-trip-id
686109401
x-fb-content-md5
a6f6b0766effdcd8d7be5f0ee6e16ef2
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c2c1d33361a31082b415bfcea448ad9d"
timing-allow-origin
*
expires
Mon, 09 Aug 2021 08:47:53 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
jdG8x9VvZBU0AgP3x7VjO9fHDyMh3oOL7LtItwmPC4H8kJeSPHY3GwyusiHubxvjTCsHUhGR5FsrP2vySRBoSw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=&sid=1628497785&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fhr4you.edassist.com%2F&rl=&if=false&ts=1628497785151
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 09 Aug 2021 08:29:45 GMT
994393773937678
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/994393773937678?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ezlZr91JcN0lU7KGKmvNNLnkH50us+yL1GxnLnFy4sjjayS4uKQhi+9AqMdg2tpC4OoPL8+A+k7HXjyp1ZoPKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116151%26time%3D1628497785163%26url%3Dhttps%253A%252F%252Fhr4you.edassist.com%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxw...
0
154 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
2H7wyhuWmRages9boCsAAA==

Redirect headers

date
Mon, 09 Aug 2021 08:29:46 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
y2l7uBuWmRYQOBXMrCoAAA==
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VBG2PWG49C&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=&sid=1628497785&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VBG2PWG49C&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=229186982&gjid=1556456121&cid=1350957251.1628497785&tid=UA-38067903-10&_gid=1867950475.1628497785&_r=1&gtm=2wg840T5MTQWP&cd18=&cd19=&cd21=not-available&cd23=not-available&cd24=not-available&cd25=not-available&cd27=not-available&cd29=not-available&cd30=not-available&cd31=not-available&cd32=not-available&cd33=not-available&cd34=not-available&cd35=not-available&cd36=not-available&cd37=not-available&cd38=not-available&cd39=not-available&cd40=not-available&cd41=not-available&cd42=not-available&cd43=2021-08-09T10%3A29%3A45.183%2B02%3A00&cd44=not-available&cd45=not-available&cd46=not-available&cd47=not-available&cd48=not-available&cd49=not-available&cd50=not-available&cd51=not-available&cd52=not-available&cd53=not-available&cd54=not-available&z=524781217
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=644552999&gjid=1777955165&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&_r=1&gtm=2wg840T5MTQWP&z=741107660
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
465 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&gjid=1556456121&_gid=1867950475.1628497785&_u=aGDAAEACUAAAAC~&z=1424256522
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 09 Aug 2021 08:29:45 GMT
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
56292788.js
bat.bing.com/p/action/
0
150 B
Script
General
Full URL
https://bat.bing.com/p/action/56292788.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Aug 2021 08:29:45 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 6A1A5EBD9B454B9ABA80A2EAA1A72C4A Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-60.lhr61.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
324700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4GvK85Sa4M8psxvpY0mDQHAA7H7I4RLyjvDeUnpLKPdreQev4hcjVw==
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&gjid=1777955165&_gid=1867950475.1628497785&_u=aGDAAEADUAAAAC~&z=580226522
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 09 Aug 2021 08:29:45 GMT
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
327 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&_u=aGDAAEACUAAAAC~&z=1631107281
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&_u=aGDAAEACUAAAAC~&z=1631107281
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&_u=aGDAAEADUAAAAC~&z=99211165
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&_u=aGDAAEADUAAAAC~&z=99211165
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56292788&tm=gtm001&Ver=2&mid=30138843-e0aa-4217-9a26-728050012410&sid=f3d7a620f8eb11ebb0c361c33ec9c8dd&vid=f3d7f190f8eb11ebb06907cdb9e067b1&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fhr4you.edassist.com%2F&r=&lt=3032&evt=pageLoad&msclkid=N&sv=1&rn=408845
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 20B5154859504521B8C3FCC7D61932E6 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=947504440&gjid=1419511289&cid=1350957251.1628497785&tid=UA-52850747-3&_gid=1867950475.1628497785&_r=1&_slc=1&cd1=hr4you&cd2=&z=740552868
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hr4you.edassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
hr4you
svc.edassist.com/ed5/api/v1/content/general/login/
3 KB
4 KB
XHR
General
Full URL
https://svc.edassist.com/ed5/api/v1/content/general/login/hr4you?textOnly=false
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.171 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hr4you.edassist.com/
source
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Aug 2021 08:29:46 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://hr4you.edassist.com
Access-Control-Expose-Headers
file-ext
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
Expires
0
bhes-horizontal.svg
hr4you.edassist.com/%7B%7Bvm.constants.urls.cdnBase%7D%7D/images/web-client-logos/
1 KB
1 KB
Image
General
Full URL
https://hr4you.edassist.com/%7B%7Bvm.constants.urls.cdnBase%7D%7D/images/web-client-logos/bhes-horizontal.svg
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://hr4you.edassist.com/
Cookie
_gcl_au=1.1.661861450.1628497785; _gid=GA1.2.1867950475.1628497785; _ga_0EY7LSHQSZ=GS1.1.1628497785.1.0.1628497785.0; _ga_VBG2PWG49C=GS1.1.1628497785.1.0.1628497785.0; _ga=GA1.2.1350957251.1628497785; _gat_UA-38067903-10=1; _gat_UA-38067903-1=1; _hjid=fb1e5fe7-a4b2-4dbb-8192-980e73a0bd6c; _hjFirstSeen=1; _uetsid=f3d7a620f8eb11ebb0c361c33ec9c8dd; _uetvid=f3d7f190f8eb11ebb06907cdb9e067b1; _gat=1
Connection
keep-alive
Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
1245
Date
Mon, 09 Aug 2021 08:29:44 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
Content-Encoding
gzip
Content-Length
679
Content-Type
text/html
hr4you
svc.edassist.com/ed5/api/v1/content/general/login/ Frame
0
0
Preflight
General
Full URL
https://svc.edassist.com/ed5/api/v1/content/general/login/hr4you?textOnly=false
Protocol
HTTP/1.1
Server
216.245.141.171 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
source
Origin
https://hr4you.edassist.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Origin
https://hr4you.edassist.com
Access-Control-Allow-Methods
GET,POST,HEAD,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Headers
source
Access-Control-Expose-Headers
file-ext
Access-Control-Allow-Credentials
true
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
X-Frame-Options
DENY
Content-Length
0
Date
Mon, 09 Aug 2021 08:29:43 GMT
Keep-Alive
timeout=60
Connection
keep-alive
truncated
/
383 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
073d79753c8a24a0bf3dabaa3b49100a188abf72ea5f72e636431f15a1939576

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
muli-extrabold.woff2
hr4you.edassist.com/dist/fonts/
19 KB
19 KB
Font
General
Full URL
https://hr4you.edassist.com/dist/fonts/muli-extrabold.woff2
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
dd6d7699147ecb7e261ad481f18dcbb3df7ba66de747e4833c369c205ecf7d4c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://hr4you.edassist.com
Accept-Encoding
gzip, deflate, br
Host
hr4you.edassist.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://hr4you.edassist.com/dist/css/global-92269239bb.css
Cookie
_gcl_au=1.1.661861450.1628497785; _gid=GA1.2.1867950475.1628497785; _ga_0EY7LSHQSZ=GS1.1.1628497785.1.0.1628497785.0; _ga_VBG2PWG49C=GS1.1.1628497785.1.0.1628497785.0; _ga=GA1.2.1350957251.1628497785; _gat_UA-38067903-10=1; _gat_UA-38067903-1=1; _hjid=fb1e5fe7-a4b2-4dbb-8192-980e73a0bd6c; _hjFirstSeen=1; _uetsid=f3d7a620f8eb11ebb0c361c33ec9c8dd; _uetvid=f3d7f190f8eb11ebb06907cdb9e067b1; _gat=1
Connection
keep-alive
Origin
https://hr4you.edassist.com
Referer
https://hr4you.edassist.com/dist/css/global-92269239bb.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:44 GMT
Last-Modified
Fri, 30 Jul 2021 20:22:46 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"02f80a88085d71:0"
Content-Length
19588
Content-Type
font/x-woff2
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 24BE
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hr4you.edassist.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hr4you.edassist.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0WgQvHPJjjGXeQk8n9z2CIAzJMjmpvkggpZMDk0FJ4b6FuYnfM1tLg==
age
1930395
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20EdAssist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=&gjid=&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&gtm=2wg840T5MTQWP&z=114659983
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20EdAssist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=&gjid=&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&gtm=2wg840T5MTQWP&z=1778180693
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1353585158113746
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1353585158113746?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ph+uD2GGU2/5aBgDTfeTEPOt+Scg/wr5ghGA307wevHTas7+HDH1fOWQ/+l4OFfUiu9JT0hTUJhI/M+2rTpfdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497785948&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:45 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786413&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:46 GMT
nr-974.min.js
js-agent.newrelic.com/
22 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-974.min.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"634571f9ce8c2fed916ddca30914f48a"
x-amz-request-id
A4Q3Q08TY2QQC0ME
x-cache
HIT
content-length
8756
x-amz-id-2
82EEEFVCpqTIh/RJD0ybm/whyb9/J/23pXzR8eBt5evxZOc1J0Q1OCt1Kf4N1TbLka+368Ns06w=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 28 Feb 2018 23:33:45 GMT
server
AmazonS3
x-timer
S1628497787.550227,VS0,VE0
date
Mon, 09 Aug 2021 08:29:46 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
14
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497786490
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786492&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786502&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:46 GMT
0260c743.min.js
tag.demandbase.com/
74 KB
18 KB
Script
General
Full URL
https://tag.demandbase.com/0260c743.min.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.49.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7lA8m45GlDMLQ7S9a3TGRlQ_2j6M4ctr
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 19:59:02 GMT
server
AmazonS3
age
1572
etag
W/"f258ed111c40157de373542d30dc55b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 52bb5852b1acec80b918512e69d8f7dc.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Mon, 09 Aug 2021 08:08:57 GMT
x-amz-cf-pop
ARN54-C1
x-amz-cf-id
4Wd90HpBCLbBlxsmam9-jAgqz8N1chzGOg4gZSOY_j3Gp-ThViv0Mw==
641f598513
bam.nr-data.net/1/
57 B
268 B
Script
General
Full URL
https://bam.nr-data.net/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=3989&ref=https://hr4you.edassist.com/&be=2378&fe=1524&dc=644&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628497782581,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:52,%22c%22:52,%22s%22:66,%22ce%22:585,%22rq%22:585,%22rp%22:722,%22rpe%22:722,%22dl%22:725,%22di%22:3018,%22ds%22:3022,%22de%22:3032,%22dc%22:3901,%22l%22:3901,%22le%22:3908%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-974.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
Primary Request Cookie set /
bhlogin.brighthorizons.com/
Redirect Chain
  • https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8
  • https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
13 KB
5 KB
Document
General
Full URL
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/edassist-ee0eef9186.core.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
871a3ee466b45b57034c7d648e99a0aa12ff8abb677b8c38499f74abad427013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Host
bhlogin.brighthorizons.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://hr4you.edassist.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hr4you.edassist.com/#/login

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Server
Kestrel
Set-Cookie
bhlogin_benefitid=2; path=/; secure; samesite=none; httponly bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; path=/; secure; samesite=none; httponly .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg; path=/; secure; samesite=strict; httponly
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
X-Frame-Options
DENY
X-UA-Compatible
IE=edge
X-Xss-Protection
1
Date
Mon, 09 Aug 2021 08:29:45 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Location
/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Server
Kestrel
Set-Cookie
bhlogin_benefitid=2; path=/; secure; samesite=none; httponly bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; path=/; secure; samesite=none; httponly bhlogin_sourcebenefitid=0; path=/; secure; samesite=none; httponly saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; path=/; secure; samesite=none; httponly bhlogin_cpt=False; path=/; secure; samesite=none; httponly bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; path=/; secure; samesite=lax; httponly NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660;path=/;secure;httponly
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Date
Mon, 09 Aug 2021 08:29:45 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
ip.json
api.company-target.com/api/v2/
431 B
941 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&page_title=Login%20-%20EdAssist&src=tag&key=3191a0301271b832d079cd6489cf0963
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-79.fra50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
request-id
bcc051cf-3ae8-4242-8540-66e4637589b1
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://hr4you.edassist.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tRN_AshiMgFx1oJu_9N2qPvF_4J_JAWBH99xO55lAV1hKgTfMhlP6w==
expires
Sun, 08 Aug 2021 08:29:46 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:47 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
74488790f5e6f5bf
X-Amz-Cf-Id
CKCU6Fgo63nC9TMctBsXEbQvsRQ0MUFL4Bd0aBfbP6Cqr0MHLQgk4g==

Redirect headers

Date
Mon, 09 Aug 2021 08:29:47 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
Connection
keep-alive
trace-id
acbd18c7f6da77ae
Content-Length
0
X-Amz-Cf-Id
lMfLmwrk0dbmIuN3HLFKo1XWlcc05wnMF3qgQ2O-kDf58omW72fAOg==
464526.gif
id.rlcdn.com/
0
66 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:46 GMT
via
1.1 google
alt-svc
clear
content-length
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1521100234&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Login%20-%20EdAssist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEADUAAAAC~&jid=&gjid=&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&gtm=2wg840T5MTQWP&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Paris&cd11=IDF&cd12=France&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=641969119
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9094
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
641f598513
bam.nr-data.net/resources/1/
0
136 B
XHR
General
Full URL
https://bam.nr-data.net/resources/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=4433&ref=https://hr4you.edassist.com/&st=1628497782581
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://hr4you.edassist.com
Access-Control-Allow-Credentials
true
Content-Length
0
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=994393773937678&ev=Microdata&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497787451&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20EdAssist%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hr4you.edassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:47 GMT
collect
www.google-analytics.com/g/
0
0

collect
www.google-analytics.com/g/
0
0

0
bat.bing.com/actionp/
0
0

641f598513
bam.nr-data.net/jserrors/1/
0
0

bootstrap.min.css
bhlogin.brighthorizons.com/lib/bootstrap/dist/css/
157 KB
27 KB
Stylesheet
General
Full URL
https://bhlogin.brighthorizons.com/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8b78b7a13eb9cb5db5e63ed5fc0a301e2a259bf17b7f6d276aae68228bb13a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:55:14 GMT
Via
NS-CACHE-9.3: 27
Age
322493
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
27264
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length
160560
Last-Modified
Mon, 26 Jul 2021 16:45:52 GMT
Server
Kestrel
ETag
"1d7823db1e41330"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
private
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:55:14 GMT
bootstrap-glyphicons.min.css
bhlogin.brighthorizons.com/lib/bootstrap/dist/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://bhlogin.brighthorizons.com/lib/bootstrap/dist/css/bootstrap-glyphicons.min.css
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a3842c40cb1001d2ac089315e85344c43199f1b191b91886e87d538cf3028ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:54:27 GMT
Via
NS-CACHE-9.3: 27
Age
322539
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3317
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length
12085
Last-Modified
Mon, 26 Jul 2021 17:10:54 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7824131294c35"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
private
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:54:28 GMT
brighthorizons.min.css
bhlogin.brighthorizons.com/css/
74 KB
11 KB
Stylesheet
General
Full URL
https://bhlogin.brighthorizons.com/css/brighthorizons.min.css?v=axbky-aa-VCRtMCgdEtU9m0GKJ8DfJYJ8rpVEvIKOKE
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6b16e4cbe69af95091b4c0a0744b54f66d06289f037c9609f2ba5512f20a38a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:58:46 GMT
Via
NS-CACHE-9.3: 27
Age
2352793
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
10984
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length
75448
Last-Modified
Tue, 25 May 2021 16:53:35 GMT
Server
Kestrel
ETag
"1d7518680433738"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
private
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Thu, 12 Aug 2021 02:58:46 GMT
jquery-ui.min.css
bhlogin.brighthorizons.com/lib/jquery-ui/dist/
31 KB
9 KB
Stylesheet
General
Full URL
https://bhlogin.brighthorizons.com/lib/jquery-ui/dist/jquery-ui.min.css
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:55:14 GMT
Via
NS-CACHE-9.3: 27
Age
322493
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8316
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length
32082
Last-Modified
Mon, 26 Jul 2021 16:45:52 GMT
Server
Kestrel
ETag
"1d7823db1e61d52"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
private
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:55:14 GMT
jquery-3.5.0.min.js
bhlogin.brighthorizons.com/lib/jquery/dist/
105 KB
106 KB
Script
General
Full URL
https://bhlogin.brighthorizons.com/lib/jquery/dist/jquery-3.5.0.min.js
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c181032bad058161602603c4dec87d5af028f57d4d41a716894547d8dddcf83c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:45 GMT
Last-Modified
Wed, 04 Aug 2021 17:58:40 GMT
Server
Kestrel
X-Frame-Options
DENY
ETag
"1d7895a5b27acf7"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Expires
Wed, 08 Sep 2021 08:29:46 GMT
Cache-Control
public, max-age=2592000
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Accept-Ranges
bytes
Content-Length
107767
X-Xss-Protection
1
X-UA-Compatible
IE=edge
bootstrap.min.js
bhlogin.brighthorizons.com/lib/bootstrap/dist/js/
59 KB
59 KB
Script
General
Full URL
https://bhlogin.brighthorizons.com/lib/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:44:24 GMT
Via
NS-CACHE-9.3: 27
Age
323142
Connection
Keep-Alive
Content-Length
60016
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified
Mon, 26 Jul 2021 16:45:52 GMT
Server
Kestrel
ETag
"1d7823db1e68a70"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000 ,public
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:44:25 GMT
carl.min.js
bhlogin.brighthorizons.com/js/
716 B
1 KB
Script
General
Full URL
https://bhlogin.brighthorizons.com/js/carl.min.js?v=nAEIguVzMUfBqZrpsyqOGL2RKRptZgw58mucD7d_uSU
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9c010882e5733147c1a99ae9b32a8e18bd91291a6d660c39f26b9c0fb77fb925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 02:58:04 GMT
Via
NS-CACHE-9.3: 27
Age
1143168
Connection
Keep-Alive
Content-Length
716
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified
Tue, 25 May 2021 16:57:07 GMT
Server
Microsoft-IIS/8.5
ETag
"1d75186fe9eb14c"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000 ,public
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Thu, 26 Aug 2021 02:58:05 GMT
jquery-ui.min.js
bhlogin.brighthorizons.com/lib/jquery-ui/dist/
248 KB
248 KB
Script
General
Full URL
https://bhlogin.brighthorizons.com/lib/jquery-ui/dist/jquery-ui.min.js
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:45 GMT
Last-Modified
Wed, 04 Aug 2021 17:58:40 GMT
Server
Kestrel
X-Frame-Options
DENY
ETag
"1d7895a5b25d6f1"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Expires
Wed, 08 Sep 2021 08:29:46 GMT
Cache-Control
public, max-age=2592000
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Accept-Ranges
bytes
Content-Length
253681
X-Xss-Protection
1
X-UA-Compatible
IE=edge
jquery.passwordRequirements.min.js
bhlogin.brighthorizons.com/js/
3 KB
3 KB
Script
General
Full URL
https://bhlogin.brighthorizons.com/js/jquery.passwordRequirements.min.js?v=y-jyD-DmtmKc0uJqH9JrYPIzQbDLU1YIxn277tNKPtA
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cbe8f20fe0e6b6629cd2e26a1fd26b60f23341b0cb535608c67dbbeed34a3ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:44:24 GMT
Via
NS-CACHE-9.3: 27
Age
323142
Connection
Keep-Alive
Content-Length
2906
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified
Mon, 26 Jul 2021 17:10:54 GMT
Server
Kestrel
ETag
"1d782413129685a"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000 ,public
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:44:25 GMT
api.js
www.google.com/recaptcha/
907 B
594 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86abd3076292960ce4a9e29ccd52ea54944bc08446a46f6130b2747dd1c6ba61
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
573
x-xss-protection
1; mode=block
expires
Mon, 09 Aug 2021 08:29:47 GMT
bh-logo.png
bhlogin.brighthorizons.com/images/
22 KB
23 KB
Image
General
Full URL
https://bhlogin.brighthorizons.com/images/bh-logo.png
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
70b77802995cf4e0aaaab07987e52f5039f6bec5544d7a226769e2c694332eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 14:09:41 GMT
Via
NS-CACHE-9.3: 27
Age
2571751
Connection
Keep-Alive
Content-Length
22998
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified
Tue, 25 May 2021 16:53:35 GMT
Server
Kestrel
ETag
"1d7518680424856"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000 ,public
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Mon, 09 Aug 2021 14:09:42 GMT
bright-horizons-logo.svg
bhlogin.brighthorizons.com/images/
14 KB
15 KB
Image
General
Full URL
https://bhlogin.brighthorizons.com/images/bright-horizons-logo.svg
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ac1bd666f3915789a14d4b5c308b9a9d126d216c86df6700aef7afe08f97d26d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bhlogin.brighthorizons.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie
bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection
keep-alive
Referer
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 14:44:24 GMT
Via
NS-CACHE-9.3: 27
Age
323143
Connection
Keep-Alive
Content-Length
14649
X-Xss-Protection
1
Request-Context
appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified
Mon, 26 Jul 2021 16:45:52 GMT
Server
Kestrel
ETag
"1d7823db1e65939"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=2592000 ,public
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
Expires
Sat, 04 Sep 2021 14:44:25 GMT
gtm.js
www.googletagmanager.com/
268 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70292
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Aug 2021 08:29:48 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bhlogin.brighthorizons.com
Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 06:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 06:15:22 GMT
js
www.googletagmanager.com/gtag/
127 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51131
x-xss-protection
0
expires
Mon, 09 Aug 2021 08:29:49 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4568
date
Mon, 09 Aug 2021 07:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 09 Aug 2021 09:13:41 GMT
hotjar-1090331.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-63.fra2.r.cloudfront.net
Software
/
Resource Hash
68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
6
etag
W/9cd6dd44b76a0ba1809e68dec4a6befd
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1915
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-id
u59S_zE-ovBzfts10FRF_5VNvghHE5W5f3vVnJo2VfmbTewlu_hm0Q==
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref
Ref A: 6C1408ED90D84DD8B2B0B4DA6A462CEF Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
etag
"80f2963dde83d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9024
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=61020
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
fbds.js
connect.facebook.net/en_US/
4 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
r1cLcDOYA4KFNsjblsAmsQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2168
x-fb-rlafr
0
x-fb-debug
F0QIMtoUEpObPWDFVR7zWcoJi0iDdSyMUF98ve2HTtlkzU5N1CKtmdo8jn//WycIyXFZ1XJLF9BJOUjIyr0iTA==
x-fb-content-md5
a6f6b0766effdcd8d7be5f0ee6e16ef2
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c2c1d33361a31082b415bfcea448ad9d"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 09 Aug 2021 08:47:53 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
jdG8x9VvZBU0AgP3x7VjO9fHDyMh3oOL7LtItwmPC4H8kJeSPHY3GwyusiHubxvjTCsHUhGR5FsrP2vySRBoSw==
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7257
0
0

anchor
www.google.com/recaptcha/api2/ Frame 78C1
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/lib/jquery/dist/jquery-3.5.0.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9513440644dcc6fe0efa43fb5f2822a70947dec379097c60a6d409b8de93aa93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-29zU67nD0z303ESLntRNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bhlogin.brighthorizons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bhlogin.brighthorizons.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 09 Aug 2021 08:29:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-29zU67nD0z303ESLntRNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20498
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fs...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26f...
0
63 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
9TR7lxyWmRaw/g7ToCsAAA==

Redirect headers

date
Mon, 09 Aug 2021 08:29:49 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
wGCBjByWmRbw+lNYrCoAAA==
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497789567
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:49 GMT
994393773937678
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/994393773937678?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
73520
x-xss-protection
0
pragma
public
x-fb-debug
ezlZr91JcN0lU7KGKmvNNLnkH50us+yL1GxnLnFy4sjjayS4uKQhi+9AqMdg2tpC4OoPL8+A+k7HXjyp1ZoPKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=2136785179&sr=1600x1200&ul=en-us&cid=292824737.1628497790&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Bright%20Horizons%20%7C%20Log%20In&sid=1628497789&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bhlogin.brighthorizons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-60.lhr61.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
324704
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
MhOsI7EoaTIw3qhRtVWH_hT_5TBDq4GTkMBE5cGnFjlCzMcwcX0WrA==
56292788.js
bat.bing.com/p/action/
0
92 B
Script
General
Full URL
https://bat.bing.com/p/action/56292788.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Aug 2021 08:29:49 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 7D3F4B57BB914C3E977C290019A30476 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56292788&tm=gtm001&Ver=2&mid=ccbc78fe-b58b-4275-a4cf-38fa96c85023&sid=f62abce0f8eb11eb97c1edcf076cd3cd&vid=f62afae0f8eb11eb8ee5f53088e8e5ec&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bright%20Horizons%20%7C%20Log%20In&p=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&r=https%3A%2F%2Fhr4you.edassist.com%2F&lt=2209&evt=pageLoad&msclkid=N&sv=1&rn=179483
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Aug 2021 08:29:49 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 4C02F96B21FD4D4390377F87A7E76C95 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
131 KB
44 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-MCWHWCV&t=gtm4&cid=292824737.1628497790
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04938a5fbaec1f89e7dfc36a8316f4aca8bd0c8431a3a9a9d0a241da619ebd41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45053
x-xss-protection
0
expires
Mon, 09 Aug 2021 08:29:49 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 78E1
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bhlogin.brighthorizons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bhlogin.brighthorizons.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HZGNaK7w_Waue-kb9AKs7deR-QSE7PVk9TdvI_lov02LvxqcivrWSQ==
age
1930399
styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 78C1
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 07:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 07:51:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 78C1
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 06:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 06:15:22 GMT
1353585158113746
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1353585158113746?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
73503
x-xss-protection
0
pragma
public
x-fb-debug
ph+uD2GGU2/5aBgDTfeTEPOt+Scg/wr5ghGA307wevHTas7+HDH1fOWQ/+l4OFfUiu9JT0hTUJhI/M+2rTpfdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497789707&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&rqm=GET
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:49 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 78C1
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 23:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
550544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 09 Aug 2021 23:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78C1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
558148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78C1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
497011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 14:26:18 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497790012&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&rqm=GET
Requested by
Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:50 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 78C1
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 09 Aug 2021 08:29:50 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2136785179&t=pageview&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Bright%20Horizons%20%7C%20Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=479892703&gjid=362419184&cid=292824737.1628497790&tid=UA-38067903-1&_gid=1501152389.1628497790&_r=1&gtm=2wg840T5MTQWP&cd18=hr4you.edassist.com&cd19=https%3A%2F%2Fhr4you.edassist.com%2F&cd21=not-available&cd23=not-available&cd24=not-available&cd25=not-available&cd27=not-available&cd29=not-available&cd30=not-available&cd31=not-available&cd32=not-available&cd33=not-available&cd34=not-available&cd35=not-available&cd36=not-available&cd37=not-available&cd38=not-available&cd39=not-available&cd40=not-available&cd41=not-available&cd42=not-available&cd43=2021-08-09T10%3A29%3A50.110%2B02%3A00&cd44=not-available&cd45=not-available&cd46=not-available&cd47=not-available&cd48=not-available&cd49=not-available&cd50=not-available&cd51=not-available&cd52=not-available&cd53=not-available&cd54=not-available&z=2073772243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bhlogin.brighthorizons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&gjid=362419184&_gid=1501152389.1628497790&_u=aCDAAEACQAAAAC~&z=1303268489
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 09 Aug 2021 08:29:50 GMT
content-type
text/plain
access-control-allow-origin
https://bhlogin.brighthorizons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&_u=aCDAAEACQAAAAC~&z=1172671035
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&_u=aCDAAEACQAAAAC~&z=1172671035
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4E53
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab4b02dcf7a55be23d6e9d3c398cf5877fa83432f50014c5ff3e7d462a338924
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z8wcuId7QkuCi1Kdy565Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bhlogin.brighthorizons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bhlogin.brighthorizons.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 09 Aug 2021 08:29:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-z8wcuId7QkuCi1Kdy565Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0260c743.min.js
tag.demandbase.com/
74 KB
18 KB
Script
General
Full URL
https://tag.demandbase.com/0260c743.min.js
Requested by
Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.49.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30c8833b64eaba651bfa571c29bf222fb9d3502ef530d60236524f00523bed4a

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7lA8m45GlDMLQ7S9a3TGRlQ_2j6M4ctr
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 19:59:02 GMT
server
AmazonS3
age
1576
etag
W/"f258ed111c40157de373542d30dc55b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 52bb5852b1acec80b918512e69d8f7dc.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Mon, 09 Aug 2021 08:08:57 GMT
x-amz-cf-pop
ARN54-C1
x-amz-cf-id
cO5D9jQLX9U0L_6TnBUjJAcW7qpm_1_i8ljeyMRWx818BUfl7PGmYA==
ip.json
api.company-target.com/api/v2/
431 B
947 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fhr4you.edassist.com%2F&page=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&page_title=Bright%20Horizons%20%7C%20Log%20In&src=tag&key=3191a0301271b832d079cd6489cf0963
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/0260c743.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-79.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:50 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
request-id
971a8719-0c09-4717-99d7-e53edf74eb6b
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://bhlogin.brighthorizons.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2IXdEhTUpWwbFGDd3VMNA_5QETi0ynnvB4Lp2A5lMUdhjp3vco9Xvw==
expires
Sun, 08 Aug 2021 08:29:50 GMT
log
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 08:29:51 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
989b472a9cb11e01
X-Amz-Cf-Id
8AzgBtw_MzQNyENMy1bR_mmZZW_mgwhBUvDqLyz-FEHEmF8HDDnO8A==

Redirect headers

location
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
Date
Mon, 09 Aug 2021 08:29:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
464526.gif
id.rlcdn.com/
0
42 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4E53
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 07:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 07:51:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4E53
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 06:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 06:15:22 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=2136785179&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Bright%20Horizons%20%7C%20Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAEADQAAAAC~&jid=&gjid=&cid=292824737.1628497790&tid=UA-38067903-1&_gid=1501152389.1628497790&gtm=2wg840T5MTQWP&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Paris&cd11=IDF&cd12=France&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=548078675
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9098
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
reload
www.google.com/recaptcha/api2/ Frame 4E53
35 KB
21 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbd6d19c21e2530d3f8fb6c9635a8db0da0471e4380034c6372e588561c05ae3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 09 Aug 2021 08:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21549
x-xss-protection
1; mode=block
expires
Mon, 09 Aug 2021 08:29:50 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53
600 B
622 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 08:57:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
516718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Tue, 10 Aug 2021 08:57:53 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53
530 B
552 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 04:57:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
185548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Sat, 14 Aug 2021 04:57:23 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53
665 B
687 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 03:00:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
538166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Tue, 10 Aug 2021 03:00:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
558150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
497013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 14:26:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
497013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 14:26:18 GMT
payload
www.google.com/recaptcha/api2/ Frame 4E53
24 KB
24 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq27sdC-rqfvXHoPenCRbTHGzZPiszDEC0BMFKmo31176D5utFsP2n4_zly8pUEivA9B1G73GXQDY2loEH_L4M1NWVC8YhotLRIxKZuB2gaxQK7buR0vpV3UiyTXZxvS-Cy46HN0qRc4vW67Jafgoy-tuTbejhqS6-gBcSupnVuv7o81VEuDfBKAADrs33va7W4QJLAmUeTsHQAmA2EhGHFiW2kMapw&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0a71028ee9ec7416490d87563a9bafb5b666b910b9742cac75ab99d4e3c2000
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:51 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24707
x-xss-protection
1; mode=block
expires
Mon, 09 Aug 2021 08:29:51 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=994393773937678&ev=Microdata&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497791362&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bright%20Horizons%20%7C%20Log%20In%22%2C%22meta%3Adescription%22%3A%22Sign%20in%20to%20access%20Bright%20Horizons%20Child%20Care%20and%20other%20employee%20benefits%20including%20Back-Up%20Care%2C%20Elder%20Care%2C%20College%20Coach%2C%20and%20EdAssist%20or%20sign%20up%20for%20a%20new%20account.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:51 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1353585158113746&ev=Microdata&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497791793&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bright%20Horizons%20%7C%20Log%20In%22%2C%22meta%3Adescription%22%3A%22Sign%20in%20to%20access%20Bright%20Horizons%20Child%20Care%20and%20other%20employee%20benefits%20including%20Back-Up%20Care%2C%20Elder%20Care%2C%20College%20Coach%2C%20and%20EdAssist%20or%20sign%20up%20for%20a%20new%20account.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 08:29:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 09 Aug 2021 08:29:51 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=2136785179&sr=1600x1200&ul=en-us&cid=292824737.1628497790&_s=2&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Bright%20Horizons%20%7C%20Log%20In&sid=1628497789&sct=1&seg=0&en=scroll&_et=987&ep.debug_mode=true&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:29:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bhlogin.brighthorizons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bhlogin.brighthorizons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Aug 2021 08:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://bhlogin.brighthorizons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Login%20-%20EdAssist&sid=1628497785&sct=1&seg=0&_s=2
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VBG2PWG49C&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Login%20-%20EdAssist&sid=1628497785&sct=1&seg=0&_s=2
Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=56292788&tm=gtm001&Ver=2&mid=30138843-e0aa-4217-9a26-728050012410&sid=f3d7a620f8eb11ebb0c361c33ec9c8dd&vid=f3d7f190f8eb11ebb06907cdb9e067b1&vids=1&evt=pageHide
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=5280&ref=https://hr4you.edassist.com/&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22www.google-analytics.com:443%22,%22pathname%22:%22/j/collect%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:3,%22duration%22:%7B%22t%22:166,%22min%22:17,%22max%22:128,%22sos%22:17114,%22c%22:3%7D,%22rxSize%22:%7B%22t%22:6,%22min%22:2,%22max%22:2,%22sos%22:12,%22c%22:3%7D,%22cbTime%22:%7B%22t%22:0,%22min%22:0,%22max%22:0,%22sos%22:0,%22c%22:3%7D,%22time%22:%7B%22t%22:8488,%22min%22:2613,%22max%22:3246,%22sos%22:24275926,%22c%22:3%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22stats.g.doubleclick.net:443%22,%22pathname%22:%22/j/collect%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:2,%22duration%22:%7B%22t%22:81,%22min%22:36,%22max%22:45,%22sos%22:3321,%22c%22:2%7D,%22rxSize%22:%7B%22t%22:8,%22min%22:4,%22max%22:4,%22sos%22:32,%22c%22:2%7D,%22cbTime%22:%7B%22t%22:0,%22min%22:0,%22max%22:0,%22sos%22:0,%22c%22:2%7D,%22time%22:%7B%22t%22:5279,%22min%22:2634,%22max%22:2645,%22sos%22:13933981,%22c%22:2%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22svc.edassist.com:443%22,%22pathname%22:%22/ed5/api/v1/content/general/login/hr4you%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22duration%22:%7B%22t%22:933%7D,%22rxSize%22:%7B%22t%22:3365%7D,%22cbTime%22:%7B%22t%22:17%7D,%22time%22:%7B%22t%22:3247%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22api.company-target.com:443%22,%22pathname%22:%22/api/v2/ip.json%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22duration%22:%7B%22t%22:145%7D,%22rxSize%22:%7B%22t%22:430%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:4190%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/resources/1/641f598513%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:6417%7D,%22duration%22:%7B%22t%22:196%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:4434%7D%7D%7D%5D
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery object| bootstrap function| disableButtons function| waitingDialog function| closeWaitingDialog function| onSubmit object| queryParams function| getQueryParam function| setCookie function| getCookie object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onloadCallback string| pname object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| uetq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| _fbq function| fbq object| recaptcha object| closure_lm_275882 function| lintrk boolean| _already_called_lintrk object| gaGlobal function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| gaplugins object| gaData object| google_optimize function| __extends object| Demandbase object| __db function| DBSegment

18 Cookies

Domain/Path Name / Value
.brighthorizons.com/ Name: _hjid
Value: 090e66bd-7639-4675-843a-58628f69612d
.brighthorizons.com/ Name: _fbp
Value: fb.1.1628497789703.2092481637
.brighthorizons.com/ Name: _gid
Value: GA1.2.1501152389.1628497790
.brighthorizons.com/ Name: _uetvid
Value: f62afae0f8eb11eb8ee5f53088e8e5ec
.brighthorizons.com/ Name: _ga_0EY7LSHQSZ
Value: GS1.1.1628497789.1.0.1628497789.0
.brighthorizons.com/ Name: _gcl_au
Value: 1.1.226507822.1628497789
bhlogin.brighthorizons.com/ Name: bhlogin_cpt
Value: False
bhlogin.brighthorizons.com/ Name: saml-session
Value: c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f
bhlogin.brighthorizons.com/ Name: .AspNetCore.Antiforgery.wTXcPMLj6uU
Value: CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
.brighthorizons.com/ Name: _gat_UA-38067903-1
Value: 1
.brighthorizons.com/ Name: _hjFirstSeen
Value: 1
bhlogin.brighthorizons.com/ Name: NSC_cimphjo-cibenjo.ci.dpn
Value: ffffffff092cac6545525d5f4f58455e445a4a423660
.brighthorizons.com/ Name: _ga
Value: GA1.2.292824737.1628497790
bhlogin.brighthorizons.com/ Name: bhlogin-session
Value: CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm
.brighthorizons.com/ Name: _uetsid
Value: f62abce0f8eb11eb97c1edcf076cd3cd
bhlogin.brighthorizons.com/ Name: bhlogin_sourcebenefitid
Value: 0
bhlogin.brighthorizons.com/ Name: bhlogin_clientguid
Value: EB63EC53-25A9-E211-AC37-0050568B60D8
bhlogin.brighthorizons.com/ Name: bhlogin_benefitid
Value: 2

3 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api warning URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js(Line 17220)
Message:
This browser does not support Web Storage!
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
bam.nr-data.net
bat.bing.com
bhlogin.brighthorizons.com
connect.facebook.net
fonts.gstatic.com
hr4you.edassist.com
id.rlcdn.com
js-agent.newrelic.com
match.prod.bidr.io
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
segments.company-target.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
svc.edassist.com
tag.demandbase.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
bam.nr-data.net
bat.bing.com
www.google-analytics.com
www.google.com
108.174.10.14
13.224.222.60
13.225.78.63
143.204.98.123
143.204.98.23
143.204.98.79
151.101.13.27
162.247.242.18
216.245.141.171
216.245.141.172
216.245.141.234
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:828::200e
2a00:1450:400c:c00::9a
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.252.144.15
35.244.174.68
65.9.49.42
04938a5fbaec1f89e7dfc36a8316f4aca8bd0c8431a3a9a9d0a241da619ebd41
073d79753c8a24a0bf3dabaa3b49100a188abf72ea5f72e636431f15a1939576
092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b
2037b7a2a76c8315c06af6189a2d1fff476fae2ba82d72127283090729c0a41b
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634
30c8833b64eaba651bfa571c29bf222fb9d3502ef530d60236524f00523bed4a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
466da5a789662c476755af73ad431b55280f584a8b29d9355c3770bec1e002b0
49b19b372b6bcaa0420f557e413988d5d28beb313e0f228208f7afcbac38d60b
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8
6b16e4cbe69af95091b4c0a0744b54f66d06289f037c9609f2ba5512f20a38a1
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
70b77802995cf4e0aaaab07987e52f5039f6bec5544d7a226769e2c694332eef
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7bfc7d7a0574a286b2e412cc933773a2419cb09a207fc0c31b34664cb53ed6cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86abd3076292960ce4a9e29ccd52ea54944bc08446a46f6130b2747dd1c6ba61
871a3ee466b45b57034c7d648e99a0aa12ff8abb677b8c38499f74abad427013
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b78b7a13eb9cb5db5e63ed5fc0a301e2a259bf17b7f6d276aae68228bb13a64
9513440644dcc6fe0efa43fb5f2822a70947dec379097c60a6d409b8de93aa93
96601e0f254362feb25ae1ef3cf9c237bab435f76ec6170161a656fd249f10e6
9866f5265b6fb988b9989ca2035c8e47c154b8e5b976df0a0ea680bea3923cd5
9c010882e5733147c1a99ae9b32a8e18bd91291a6d660c39f26b9c0fb77fb925
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a24500966d99ebc2ac4bfea809d2f05a3356beb5d22e15457ba0b8ed0acc0ca7
a3842c40cb1001d2ac089315e85344c43199f1b191b91886e87d538cf3028ffa
ab4b02dcf7a55be23d6e9d3c398cf5877fa83432f50014c5ff3e7d462a338924
ac1bd666f3915789a14d4b5c308b9a9d126d216c86df6700aef7afe08f97d26d
b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
c0a71028ee9ec7416490d87563a9bafb5b666b910b9742cac75ab99d4e3c2000
c181032bad058161602603c4dec87d5af028f57d4d41a716894547d8dddcf83c
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60
caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769
cbd6d19c21e2530d3f8fb6c9635a8db0da0471e4380034c6372e588561c05ae3
cbe8f20fe0e6b6629cd2e26a1fd26b60f23341b0cb535608c67dbbeed34a3ed0
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dd6d7699147ecb7e261ad481f18dcbb3df7ba66de747e4833c369c205ecf7d4c
de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a0e0f07710200d324f749d2f028885bb01fdaa4406365ecc3d78bd2c347009
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
fb56969a1925d01c3b02ad4e17b3d63ad50fa1b280c6be8e8db1387dcd007062
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a