bhlogin.brighthorizons.com Open in urlscan Pro
216.245.141.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hr4you.edassist.com/
Effective URL:
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Submission: On August 09 via manual (August 9th 2021, 8:30:28 am UTC) from IN

Summary HTTP 126 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 126 HTTP transactions. The main IP is 216.245.141.234, located in United States and belongs to SRS-6-Z-7381, US. The main domain is bhlogin.brighthorizons.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 22nd 2021. Valid for: a year.

This is the only time bhlogin.brighthorizons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	216.245.141.172 216.245.141.172	7381 (SRS-6-Z-7381) (SRS-6-Z-7381)
17	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	13.224.222.60 13.224.222.60	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	216.245.141.171 216.245.141.171	7381 (SRS-6-Z-7381) (SRS-6-Z-7381)
2	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
2	65.9.49.42 65.9.49.42	16509 (AMAZON-02) (AMAZON-02)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 13	216.245.141.234 216.245.141.234	7381 (SRS-6-Z-7381) (SRS-6-Z-7381)
2	143.204.98.79 143.204.98.79	16509 (AMAZON-02) (AMAZON-02)
3 3	34.252.144.15 34.252.144.15	16509 (AMAZON-02) (AMAZON-02)
1 3	143.204.98.23 143.204.98.23	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
126	25

9 216.245.141.172 (United States)

ASN7381 (SRS-6-Z-7381, US)

hr4you.edassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:119:50e3:101::6cae:b45 (United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.222.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-222-60.lhr61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.245.141.171 (United States)

ASN7381 (SRS-6-Z-7381, US)

svc.edassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.49.42 (United States)

ASN16509 (AMAZON-02, US)

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.245.141.234 (United States) 1 redirects

ASN7381 (SRS-6-Z-7381, US)

bhlogin.brighthorizons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-79.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.252.144.15 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-15.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google-analytics.com www.google-analytics.com	127 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	529 KB
13	brighthorizons.com 1 redirects bhlogin.brighthorizons.com	512 KB
12	facebook.com www.facebook.com	1 KB
11	edassist.com hr4you.edassist.com svc.edassist.com	2 MB
9	google.com www.google.com	68 KB
8	facebook.net connect.facebook.net	343 KB
6	linkedin.com 4 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
6	bing.com bat.bing.com	19 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	125 KB
5	company-target.com 1 redirects api.company-target.com segments.company-target.com	3 KB
5	googletagmanager.com www.googletagmanager.com	287 KB
3	bidr.io 3 redirects match.prod.bidr.io	1 KB
3	google.de www.google.de	692 B
3	doubleclick.net stats.g.doubleclick.net	560 B
2	rlcdn.com id.rlcdn.com	108 B
2	nr-data.net bam.nr-data.net	404 B
2	demandbase.com tag.demandbase.com	37 KB
2	licdn.com snap.licdn.com	5 KB
1	newrelic.com js-agent.newrelic.com	9 KB
126	20

	Domain	Requested by
17	www.google-analytics.com	hr4you.edassist.com www.google-analytics.com www.googletagmanager.com
13	bhlogin.brighthorizons.com	1 redirects hr4you.edassist.com bhlogin.brighthorizons.com
12	www.facebook.com	hr4you.edassist.com bhlogin.brighthorizons.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	hr4you.edassist.com bhlogin.brighthorizons.com www.gstatic.com www.google.com
9	hr4you.edassist.com	hr4you.edassist.com
8	connect.facebook.net	hr4you.edassist.com connect.facebook.net
6	bat.bing.com	www.googletagmanager.com bat.bing.com hr4you.edassist.com bhlogin.brighthorizons.com
5	fonts.gstatic.com	www.google.com
5	www.googletagmanager.com	hr4you.edassist.com www.googletagmanager.com bhlogin.brighthorizons.com
3	segments.company-target.com	1 redirects
3	match.prod.bidr.io	3 redirects
3	www.google.de	hr4you.edassist.com
3	stats.g.doubleclick.net	hr4you.edassist.com www.google-analytics.com
3	px.ads.linkedin.com	3 redirects
2	id.rlcdn.com
2	api.company-target.com	hr4you.edassist.com tag.demandbase.com
2	bam.nr-data.net	js-agent.newrelic.com hr4you.edassist.com
2	tag.demandbase.com	hr4you.edassist.com
2	vars.hotjar.com	static.hotjar.com
2	svc.edassist.com	hr4you.edassist.com
2	script.hotjar.com	static.hotjar.com
2	px4.ads.linkedin.com	hr4you.edassist.com bhlogin.brighthorizons.com
2	snap.licdn.com	hr4you.edassist.com
2	static.hotjar.com	www.googletagmanager.com
1	js-agent.newrelic.com	hr4you.edassist.com
1	www.linkedin.com	1 redirects
126	27

This site contains links to these domains. Also see Links.

Domain
www.brighthorizons.com

Subject Issuer	Validity	Valid
*.edassist.com Entrust Certification Authority - L1K	`2020-05-05` - `2022-08-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
bhlogin.brighthorizons.com Entrust Certification Authority - L1K	`2021-06-22` - `2022-07-21`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Frame ID: E883714187CEADD5AC69A5212277A9D6
Requests: 105 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 24BE1E3C508F290B0D13AC537AB56C2F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Frame ID: 7257F9F2ABE5A7B522E1E23D35A52EC9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
Frame ID: 78C1936122EF683668A352CA5899876B
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 78E1740505135D68FD006A4CCAB2ABE7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
Frame ID: 4E53181AEF438A22D214EF8EB769532C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hr4you.edassist.com/ Page URL
https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0... HTTP 301
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&is... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

126
Requests

96 %
HTTPS

48 %
IPv6

20
Domains

27
Subdomains

25
IPs

4
Countries

3666 kB
Transfer

12723 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.brighthorizons.com/Privacy
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.brighthorizons.com/Text-Pages/Terms-use
Title: Acceptable Use Policy

Search URL Search Domain Scan URL

URL: https://www.brighthorizons.com/trademarks
Title: Trademark

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hr4you.edassist.com/ Page URL
https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8 HTTP 301
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116151%26time%3D1628497785163%26url%3Dhttps%253A%252F%252Fhr4you.edassist.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811

Request Chain 52

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA

Request Chain 109

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
hr4you.edassist.com/ 2 KB
1 KB 721ms
137ms Document
text/html 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9866f5265b6fb988b9989ca2035c8e47c154b8e5b976df0a0ea680bea3923cd5

Request headers

Host: hr4you.edassist.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Age: 3
Date: Mon, 09 Aug 2021 08:29:41 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-9.3: 27
ETag: "02f80a88085d71:0"
Content-Type: text/html
Last-Modified: Fri, 30 Jul 2021 20:22:46 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
ntCoent-Length: 2058
Content-Encoding: gzip
Content-Length: 937

GET
H/1.1 200
OK global-92269239bb.css
hr4you.edassist.com/dist/css/ 796 KB
182 KB 141ms
140ms Stylesheet
text/css 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 466da5a789662c476755af73ad431b55280f584a8b29d9355c3770bec1e002b0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hr4you.edassist.com/
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 814641
Date: Mon, 09 Aug 2021 08:29:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 20:22:46 GMT
Server: Microsoft-IIS/8.5
ETag: "02f80a88085d71:0"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes

GET
H/1.1 200
OK sprite.css
hr4you.edassist.com/dist/assets/icons/css/ 22 KB
4 KB 409ms
139ms Stylesheet
text/css 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/assets/icons/css/sprite.css
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 49b19b372b6bcaa0420f557e413988d5d28beb313e0f228208f7afcbac38d60b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hr4you.edassist.com/
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 22298
Date: Mon, 09 Aug 2021 08:29:41 GMT
Via: NS-CACHE-9.3: 27
Last-Modified: Fri, 30 Jul 2021 20:23:18 GMT
Server: Microsoft-IIS/8.5
Age: 3
ETag: "0ff92bb8085d71:0"
Content-Type: text/css
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3515

GET
H/1.1 200
OK env.js Show response
hr4you.edassist.com/dist/js/ 353 B
655 B 408ms
138ms Script
application/javascript 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/js/env.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 96601e0f254362feb25ae1ef3cf9c237bab435f76ec6170161a656fd249f10e6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hr4you.edassist.com/
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:41 GMT
Via: NS-CACHE-9.3: 27
Last-Modified: Tue, 03 Aug 2021 10:51:44 GMT
Server: Microsoft-IIS/8.5
Age: 3
ETag: "316f758c5588d71:0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 353

GET
H/1.1 200
OK vendor-7597f552f9.core.js Show response
hr4you.edassist.com/dist/js/ 2 MB
576 KB 409ms
139ms Script
application/javascript 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a24500966d99ebc2ac4bfea809d2f05a3356beb5d22e15457ba0b8ed0acc0ca7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hr4you.edassist.com/
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 20:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0c43ab38085d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 589124

GET
H/1.1 200
OK edassist-ee0eef9186.core.js Show response
hr4you.edassist.com/dist/js/ 4 MB
793 KB 432ms
145ms Script
application/javascript 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/js/edassist-ee0eef9186.core.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: f4a0e0f07710200d324f749d2f028885bb01fdaa4406365ecc3d78bd2c347009

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hr4you.edassist.com/
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 20:22:46 GMT
Server: Microsoft-IIS/8.5
ETag: "02f80a88085d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 812215

GET
H/1.1 200
OK muli-regular.woff2
hr4you.edassist.com/dist/fonts/ 19 KB
20 KB 138ms
138ms Font
font/x-woff2 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/fonts/muli-regular.woff2
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2037b7a2a76c8315c06af6189a2d1fff476fae2ba82d72127283090729c0a41b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://hr4you.edassist.com
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Connection: keep-alive
Origin: https://hr4you.edassist.com
Referer: https://hr4you.edassist.com/dist/css/global-92269239bb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:41 GMT
Via: NS-CACHE-9.3: 27
Last-Modified: Fri, 30 Jul 2021 20:22:46 GMT
Server: Microsoft-IIS/8.5
Age: 3
ETag: "02f80a88085d71:0"
Content-Type: font/x-woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 19804

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4563
date: Mon, 09 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 09:13:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
69 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70292
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Aug 2021 08:29:44 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51131
x-xss-protection: 0
expires: Mon, 09 Aug 2021 08:29:45 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 47ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VBG2PWG49C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bfc7d7a0574a286b2e412cc933773a2419cb09a207fc0c31b34664cb53ed6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51135
x-xss-protection: 0
expires: Mon, 09 Aug 2021 08:29:45 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 131 KB
44 KB 39ms
25ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-MCWHWCV&t=gtm4&cid=1350957251.1628497785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb56969a1925d01c3b02ad4e17b3d63ad50fa1b280c6be8e8db1387dcd007062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45007
x-xss-protection: 0
expires: Mon, 09 Aug 2021 08:29:45 GMT

GET
H2 200 hotjar-1090331.js Show response
static.hotjar.com/c/ 4 KB
2 KB 103ms
33ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1090331.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 2
etag: W/9cd6dd44b76a0ba1809e68dec4a6befd
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1915
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-id: oFaQTRqUJUX3q0Z7b5Mu6F8UI0wAlGdqEmbIDG5ABKnbG8Elbka-rA==

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 56ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:44 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: F8D6B4874A7345FF99156AA29DCA9339 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 35ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61024
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 28ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: r1cLcDOYA4KFNsjblsAmsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2168
x-fb-rlafr: 0
x-fb-debug: F0QIMtoUEpObPWDFVR7zWcoJi0iDdSyMUF98ve2HTtlkzU5N1CKtmdo8jn//WycIyXFZ1XJLF9BJOUjIyr0iTA==
x-fb-trip-id: 686109401
x-fb-content-md5: a6f6b0766effdcd8d7be5f0ee6e16ef2
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c2c1d33361a31082b415bfcea448ad9d"
timing-allow-origin: *
expires: Mon, 09 Aug 2021 08:47:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: jdG8x9VvZBU0AgP3x7VjO9fHDyMh3oOL7LtItwmPC4H8kJeSPHY3GwyusiHubxvjTCsHUhGR5FsrP2vySRBoSw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=&sid=1628497785&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 21ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fhr4you.edassist.com%2F&rl=&if=false&ts=1628497785151

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 09 Aug 2021 08:29:45 GMT

GET
H3-29 200 994393773937678 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 446ms
439ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/994393773937678?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ezlZr91JcN0lU7KGKmvNNLnkH50us+yL1GxnLnFy4sjjayS4uKQhi+9AqMdg2tpC4OoPL8+A+k7HXjyp1ZoPKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116151%26time%3D1628497785163%26url%3Dhttps%253A%252F%252Fhr4you.edassist.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxw...

0
154 B

324ms
138ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 2H7wyhuWmRages9boCsAAA==

Redirect headers

date: Mon, 09 Aug 2021 08:29:46 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497785163&url=https%3A%2F%2Fhr4you.edassist.com%2F&liSync=true&e_ipv6=AQKmi_WHDX8A6QAAAXsqCDTnCH0iNYz7u10tMQvmplarvCHVkaoI7JiRhxwWOAai2Jrxb811
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: y2l7uBuWmRYQOBXMrCoAAA==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VBG2PWG49C&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=&sid=1628497785&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VBG2PWG49C&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=229186982&gjid=1556456121&cid=1350957251.1628497785&tid=UA-38067903-10&_gid=1867950475.1628497785&_r=1&gtm=2wg840T5MTQWP&cd18=&cd19=&cd21=not-available&cd23=not-available&cd24=not-available&cd25=not-available&cd27=not-available&cd29=not-available&cd30=not-available&cd31=not-available&cd32=not-available&cd33=not-available&cd34=not-available&cd35=not-available&cd36=not-available&cd37=not-available&cd38=not-available&cd39=not-available&cd40=not-available&cd41=not-available&cd42=not-available&cd43=2021-08-09T10%3A29%3A45.183%2B02%3A00&cd44=not-available&cd45=not-available&cd46=not-available&cd47=not-available&cd48=not-available&cd49=not-available&cd50=not-available&cd51=not-available&cd52=not-available&cd53=not-available&cd54=not-available&z=524781217

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
465 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&gjid=1556456121&_gid=1867950475.1628497785&_u=aGDAAEACUAAAAC~&z=1424256522

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Aug 2021 08:29:45 GMT
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56292788.js Show response
bat.bing.com/p/action/ 0
150 B 219ms
218ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56292788.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Aug 2021 08:29:45 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 6A1A5EBD9B454B9ABA80A2EAA1A72C4A Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 modules.9a6619e61150e4449f35.js Show response
script.hotjar.com/ 221 KB
59 KB 99ms
32ms Script
application/javascript 13.224.222.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6619e61150e4449f35.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-60.lhr61.r.cloudfront.net

Software

Resource Hash

fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324700
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59579
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 14:17:07 GMT
etag: "f404c80c4e9647abd5db65360cf9ecee"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4GvK85Sa4M8psxvpY0mDQHAA7H7I4RLyjvDeUnpLKPdreQev4hcjVw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 32ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&gjid=1777955165&_gid=1867950475.1628497785&_u=aGDAAEADUAAAAC~&z=580226522

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Aug 2021 08:29:45 GMT
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
327 B 17ms
17ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&_u=aGDAAEACUAAAAC~&z=1631107281

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-10&cid=1350957251.1628497785&jid=229186982&_u=aGDAAEACUAAAAC~&z=1631107281

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&_u=aGDAAEADUAAAAC~&z=99211165

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 37ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=1350957251.1628497785&jid=644552999&_u=aGDAAEADUAAAAC~&z=99211165

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
149 B 33ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56292788&tm=gtm001&Ver=2&mid=30138843-e0aa-4217-9a26-728050012410&sid=f3d7a620f8eb11ebb0c361c33ec9c8dd&vid=f3d7f190f8eb11ebb06907cdb9e067b1&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fhr4you.edassist.com%2F&r=&lt=3032&evt=pageLoad&msclkid=N&sv=1&rn=408845
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 20B5154859504521B8C3FCC7D61932E6 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:45Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=947504440&gjid=1419511289&cid=1350957251.1628497785&tid=UA-52850747-3&_gid=1867950475.1628497785&_r=1&_slc=1&cd1=hr4you&cd2=&z=740552868

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr4you.edassist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 hr4you
svc.edassist.com/ed5/api/v1/content/general/login/ 3 KB
4 KB 186ms
186ms XHR
application/json 216.245.141.171
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.edassist.com/ed5/api/v1/content/general/login/hr4you?textOnly=false

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.171 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hr4you.edassist.com/
source: web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 08:29:46 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://hr4you.edassist.com
Access-Control-Expose-Headers: file-ext
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60
Expires: 0

GET
H/1.1 404
Not Found bhes-horizontal.svg
hr4you.edassist.com/%7B%7Bvm.constants.urls.cdnBase%7D%7D/images/web-client-logos/ 1 KB
1 KB 144ms
144ms Image
text/html 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hr4you.edassist.com/%7B%7Bvm.constants.urls.cdnBase%7D%7D/images/web-client-logos/bhes-horizontal.svg
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hr4you.edassist.com/
Cookie: _gcl_au=1.1.661861450.1628497785; _gid=GA1.2.1867950475.1628497785; _ga_0EY7LSHQSZ=GS1.1.1628497785.1.0.1628497785.0; _ga_VBG2PWG49C=GS1.1.1628497785.1.0.1628497785.0; _ga=GA1.2.1350957251.1628497785; _gat_UA-38067903-10=1; _gat_UA-38067903-1=1; _hjid=fb1e5fe7-a4b2-4dbb-8192-980e73a0bd6c; _hjFirstSeen=1; _uetsid=f3d7a620f8eb11ebb0c361c33ec9c8dd; _uetvid=f3d7f190f8eb11ebb06907cdb9e067b1; _gat=1
Connection: keep-alive
Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 1245
Date: Mon, 09 Aug 2021 08:29:44 GMT
Cache-Control: private
Server: Microsoft-IIS/8.5
Content-Encoding: gzip
Content-Length: 679
Content-Type: text/html

OPTIONS
H/1.1 200 hr4you
svc.edassist.com/ed5/api/v1/content/general/login/ Frame 0
0 728ms
148ms Preflight 216.245.141.171
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.edassist.com/ed5/api/v1/content/general/login/hr4you?textOnly=false

Protocol

HTTP/1.1

Server

216.245.141.171 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: source
Origin: https://hr4you.edassist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Origin: https://hr4you.edassist.com
Access-Control-Allow-Methods: GET,POST,HEAD,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Headers: source
Access-Control-Expose-Headers: file-ext
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Length: 0
Date: Mon, 09 Aug 2021 08:29:43 GMT
Keep-Alive: timeout=60
Connection: keep-alive

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 073d79753c8a24a0bf3dabaa3b49100a188abf72ea5f72e636431f15a1939576

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK muli-extrabold.woff2
hr4you.edassist.com/dist/fonts/ 19 KB
19 KB 138ms
137ms Font
font/x-woff2 216.245.141.172
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL: https://hr4you.edassist.com/dist/fonts/muli-extrabold.woff2
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.141.172 , United States, ASN7381 (SRS-6-Z-7381, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: dd6d7699147ecb7e261ad481f18dcbb3df7ba66de747e4833c369c205ecf7d4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://hr4you.edassist.com
Accept-Encoding: gzip, deflate, br
Host: hr4you.edassist.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://hr4you.edassist.com/dist/css/global-92269239bb.css
Cookie: _gcl_au=1.1.661861450.1628497785; _gid=GA1.2.1867950475.1628497785; _ga_0EY7LSHQSZ=GS1.1.1628497785.1.0.1628497785.0; _ga_VBG2PWG49C=GS1.1.1628497785.1.0.1628497785.0; _ga=GA1.2.1350957251.1628497785; _gat_UA-38067903-10=1; _gat_UA-38067903-1=1; _hjid=fb1e5fe7-a4b2-4dbb-8192-980e73a0bd6c; _hjFirstSeen=1; _uetsid=f3d7a620f8eb11ebb0c361c33ec9c8dd; _uetvid=f3d7f190f8eb11ebb06907cdb9e067b1; _gat=1
Connection: keep-alive
Origin: https://hr4you.edassist.com
Referer: https://hr4you.edassist.com/dist/css/global-92269239bb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:44 GMT
Last-Modified: Fri, 30 Jul 2021 20:22:46 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "02f80a88085d71:0"
Content-Length: 19588
Content-Type: font/x-woff2

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 24BE 2 KB
1 KB 88ms
24ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hr4you.edassist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hr4you.edassist.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0WgQvHPJjjGXeQk8n9z2CIAzJMjmpvkggpZMDk0FJ4b6FuYnfM1tLg==
age: 1930395

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1521100234&t=pageview&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20EdAssist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=&gjid=&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&gtm=2wg840T5MTQWP&z=114659983

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9093
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9093
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1353585158113746 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 444ms
444ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1353585158113746?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ph+uD2GGU2/5aBgDTfeTEPOt+Scg/wr5ghGA307wevHTas7+HDH1fOWQ/+l4OFfUiu9JT0hTUJhI/M+2rTpfdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497785948&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:45 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786413&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:46 GMT

GET
H2 200 nr-974.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 81ms
26ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-974.min.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "634571f9ce8c2fed916ddca30914f48a"
x-amz-request-id: A4Q3Q08TY2QQC0ME
x-cache: HIT
content-length: 8756
x-amz-id-2: 82EEEFVCpqTIh/RJD0ybm/whyb9/J/23pXzR8eBt5evxZOc1J0Q1OCt1Kf4N1TbLka+368Ns06w=
x-served-by: cache-fra19124-FRA
last-modified: Wed, 28 Feb 2018 23:33:45 GMT
server: AmazonS3
x-timer: S1628497787.550227,VS0,VE0
date: Mon, 09 Aug 2021 08:29:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497786490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:46 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786492&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:46 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497786502&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:46 GMT

GET
H2 200 0260c743.min.js
tag.demandbase.com/ 74 KB
18 KB 247ms
69ms Script
application/javascript 65.9.49.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/0260c743.min.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.49.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7lA8m45GlDMLQ7S9a3TGRlQ_2j6M4ctr
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 19:59:02 GMT
server: AmazonS3
age: 1572
etag: W/"f258ed111c40157de373542d30dc55b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 52bb5852b1acec80b918512e69d8f7dc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Mon, 09 Aug 2021 08:08:57 GMT
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 4Wd90HpBCLbBlxsmam9-jAgqz8N1chzGOg4gZSOY_j3Gp-ThViv0Mw==

GET
H/1.1 200
OK 641f598513
bam.nr-data.net/1/ 57 B
268 B 434ms
105ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=3989&ref=https://hr4you.edassist.com/&be=2378&fe=1524&dc=644&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628497782581,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:52,%22c%22:52,%22s%22:66,%22ce%22:585,%22rq%22:585,%22rp%22:722,%22rpe%22:722,%22dl%22:725,%22di%22:3018,%22ds%22:3022,%22de%22:3032,%22dc%22:3901,%22l%22:3901,%22le%22:3908%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-974.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
bhlogin.brighthorizons.com/
Redirect Chain

https://bhlogin.brighthorizons.com/Account/Singlesignonservice?benefitId=2&clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8
https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

13 KB
5 KB

194ms
193ms

Document
text/html

216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/edassist-ee0eef9186.core.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

871a3ee466b45b57034c7d648e99a0aa12ff8abb677b8c38499f74abad427013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Host: bhlogin.brighthorizons.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://hr4you.edassist.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hr4you.edassist.com/#/login

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Kestrel
Set-Cookie: bhlogin_benefitid=2; path=/; secure; samesite=none; httponly bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; path=/; secure; samesite=none; httponly .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg; path=/; secure; samesite=strict; httponly
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
X-Frame-Options: DENY
X-UA-Compatible: IE=edge
X-Xss-Protection: 1
Date: Mon, 09 Aug 2021 08:29:45 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: /?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Server: Kestrel
Set-Cookie: bhlogin_benefitid=2; path=/; secure; samesite=none; httponly bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; path=/; secure; samesite=none; httponly bhlogin_sourcebenefitid=0; path=/; secure; samesite=none; httponly saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; path=/; secure; samesite=none; httponly bhlogin_cpt=False; path=/; secure; samesite=none; httponly bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; path=/; secure; samesite=lax; httponly NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660;path=/;secure;httponly
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Date: Mon, 09 Aug 2021 08:29:45 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000

GET
H2 200 ip.json
api.company-target.com/api/v2/ 431 B
941 B 134ms
68ms XHR
application/json 143.204.98.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&page_title=Login%20-%20EdAssist&src=tag&key=3191a0301271b832d079cd6489cf0963
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-79.fra50.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: bcc051cf-3ae8-4242-8540-66e4637589b1
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://hr4you.edassist.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tRN_AshiMgFx1oJu_9N2qPvF_4J_JAWBH99xO55lAV1hKgTfMhlP6w==
expires: Sun, 08 Aug 2021 08:29:46 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34

26 B
409 B

118ms
118ms

Image
image/gif

143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:47 GMT
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 74488790f5e6f5bf
X-Amz-Cf-Id: CKCU6Fgo63nC9TMctBsXEbQvsRQ0MUFL4Bd0aBfbP6Cqr0MHLQgk4g==

Redirect headers

Date: Mon, 09 Aug 2021 08:29:47 GMT
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w&verifyHash=8b0b9ce4a59263a4a03ff2ffef4694342ff70f34
Connection: keep-alive
trace-id: acbd18c7f6da77ae
Content-Length: 0
X-Amz-Cf-Id: lMfLmwrk0dbmIuN3HLFKo1XWlcc05wnMF3qgQ2O-kDf58omW72fAOg==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 67ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:46 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1521100234&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Login%20-%20EdAssist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEADUAAAAC~&jid=&gjid=&cid=1350957251.1628497785&tid=UA-38067903-1&_gid=1867950475.1628497785&gtm=2wg840T5MTQWP&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Paris&cd11=IDF&cd12=France&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=641969119

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9094
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 641f598513
bam.nr-data.net/resources/1/ 0
136 B 193ms
192ms XHR
text/plain 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=4433&ref=https://hr4you.edassist.com/&st=1628497782581
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://hr4you.edassist.com
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=994393773937678&ev=Microdata&dl=https%3A%2F%2Fhr4you.edassist.com%2F%23%2Flogin&rl=&if=false&ts=1628497787451&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20EdAssist%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628497785947.665872561&it=1628497785159&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr4you.edassist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:47 GMT

POST collect
www.google-analytics.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST 641f598513
bam.nr-data.net/jserrors/1/ 0
0

GET
H/1.1 200
OK bootstrap.min.css
bhlogin.brighthorizons.com/lib/bootstrap/dist/css/ 157 KB
27 KB 148ms
146ms Stylesheet
text/css 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/bootstrap/dist/css/bootstrap.min.css

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b78b7a13eb9cb5db5e63ed5fc0a301e2a259bf17b7f6d276aae68228bb13a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:55:14 GMT
Via: NS-CACHE-9.3: 27
Age: 322493
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 27264
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length: 160560
Last-Modified: Mon, 26 Jul 2021 16:45:52 GMT
Server: Kestrel
ETag: "1d7823db1e41330"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:55:14 GMT

GET
H/1.1 200
OK bootstrap-glyphicons.min.css
bhlogin.brighthorizons.com/lib/bootstrap/dist/css/ 12 KB
4 KB 301ms
145ms Stylesheet
text/css 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/bootstrap/dist/css/bootstrap-glyphicons.min.css

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a3842c40cb1001d2ac089315e85344c43199f1b191b91886e87d538cf3028ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:54:27 GMT
Via: NS-CACHE-9.3: 27
Age: 322539
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3317
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length: 12085
Last-Modified: Mon, 26 Jul 2021 17:10:54 GMT
Server: Microsoft-IIS/8.5
ETag: "1d7824131294c35"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:54:28 GMT

GET
H/1.1 200
OK brighthorizons.min.css
bhlogin.brighthorizons.com/css/ 74 KB
11 KB 409ms
135ms Stylesheet
text/css 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/css/brighthorizons.min.css?v=axbky-aa-VCRtMCgdEtU9m0GKJ8DfJYJ8rpVEvIKOKE

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6b16e4cbe69af95091b4c0a0744b54f66d06289f037c9609f2ba5512f20a38a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 02:58:46 GMT
Via: NS-CACHE-9.3: 27
Age: 2352793
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 10984
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length: 75448
Last-Modified: Tue, 25 May 2021 16:53:35 GMT
Server: Kestrel
ETag: "1d7518680433738"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Thu, 12 Aug 2021 02:58:46 GMT

GET
H/1.1 200
OK jquery-ui.min.css
bhlogin.brighthorizons.com/lib/jquery-ui/dist/ 31 KB
9 KB 436ms
145ms Stylesheet
text/css 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/jquery-ui/dist/jquery-ui.min.css

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:55:14 GMT
Via: NS-CACHE-9.3: 27
Age: 322493
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8316
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Cteonnt-Length: 32082
Last-Modified: Mon, 26 Jul 2021 16:45:52 GMT
Server: Kestrel
ETag: "1d7823db1e61d52"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:55:14 GMT

GET
H/1.1 200
OK jquery-3.5.0.min.js Show response
bhlogin.brighthorizons.com/lib/jquery/dist/ 105 KB
106 KB 442ms
152ms Script
application/javascript 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/jquery/dist/jquery-3.5.0.min.js

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c181032bad058161602603c4dec87d5af028f57d4d41a716894547d8dddcf83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:45 GMT
Last-Modified: Wed, 04 Aug 2021 17:58:40 GMT
Server: Kestrel
X-Frame-Options: DENY
ETag: "1d7895a5b27acf7"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Expires: Wed, 08 Sep 2021 08:29:46 GMT
Cache-Control: public, max-age=2592000
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Accept-Ranges: bytes
Content-Length: 107767
X-Xss-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK bootstrap.min.js Show response
bhlogin.brighthorizons.com/lib/bootstrap/dist/js/ 59 KB
59 KB 435ms
146ms Script
application/javascript 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/bootstrap/dist/js/bootstrap.min.js

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:44:24 GMT
Via: NS-CACHE-9.3: 27
Age: 323142
Connection: Keep-Alive
Content-Length: 60016
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified: Mon, 26 Jul 2021 16:45:52 GMT
Server: Kestrel
ETag: "1d7823db1e68a70"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=2592000 ,public
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:44:25 GMT

GET
H/1.1 200
OK carl.min.js Show response
bhlogin.brighthorizons.com/js/ 716 B
1 KB 448ms
148ms Script
application/javascript 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/js/carl.min.js?v=nAEIguVzMUfBqZrpsyqOGL2RKRptZgw58mucD7d_uSU

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9c010882e5733147c1a99ae9b32a8e18bd91291a6d660c39f26b9c0fb77fb925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 02:58:04 GMT
Via: NS-CACHE-9.3: 27
Age: 1143168
Connection: Keep-Alive
Content-Length: 716
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified: Tue, 25 May 2021 16:57:07 GMT
Server: Microsoft-IIS/8.5
ETag: "1d75186fe9eb14c"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=2592000 ,public
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Thu, 26 Aug 2021 02:58:05 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
bhlogin.brighthorizons.com/lib/jquery-ui/dist/ 248 KB
248 KB 549ms
140ms Script
application/javascript 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/lib/jquery-ui/dist/jquery-ui.min.js

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:45 GMT
Last-Modified: Wed, 04 Aug 2021 17:58:40 GMT
Server: Kestrel
X-Frame-Options: DENY
ETag: "1d7895a5b25d6f1"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Expires: Wed, 08 Sep 2021 08:29:46 GMT
Cache-Control: public, max-age=2592000
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Accept-Ranges: bytes
Content-Length: 253681
X-Xss-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK jquery.passwordRequirements.min.js Show response
bhlogin.brighthorizons.com/js/ 3 KB
3 KB 585ms
150ms Script
application/javascript 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to

Full URL

https://bhlogin.brighthorizons.com/js/jquery.passwordRequirements.min.js?v=y-jyD-DmtmKc0uJqH9JrYPIzQbDLU1YIxn277tNKPtA

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cbe8f20fe0e6b6629cd2e26a1fd26b60f23341b0cb535608c67dbbeed34a3ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:44:24 GMT
Via: NS-CACHE-9.3: 27
Age: 323142
Connection: Keep-Alive
Content-Length: 2906
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified: Mon, 26 Jul 2021 17:10:54 GMT
Server: Kestrel
ETag: "1d782413129685a"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=2592000 ,public
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:44:25 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 907 B
594 B 31ms
15ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86abd3076292960ce4a9e29ccd52ea54944bc08446a46f6130b2747dd1c6ba61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 573
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 08:29:47 GMT

GET
H/1.1 200
OK bh-logo.png
bhlogin.brighthorizons.com/images/ 22 KB
23 KB 155ms
151ms Image
image/png 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bhlogin.brighthorizons.com/images/bh-logo.png

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

70b77802995cf4e0aaaab07987e52f5039f6bec5544d7a226769e2c694332eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 14:09:41 GMT
Via: NS-CACHE-9.3: 27
Age: 2571751
Connection: Keep-Alive
Content-Length: 22998
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified: Tue, 25 May 2021 16:53:35 GMT
Server: Kestrel
ETag: "1d7518680424856"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 ,public
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Mon, 09 Aug 2021 14:09:42 GMT

GET
H/1.1 200
OK bright-horizons-logo.svg
bhlogin.brighthorizons.com/images/ 14 KB
15 KB 148ms
145ms Image
image/svg+xml 216.245.141.234
SRS-6-Z-7381

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bhlogin.brighthorizons.com/images/bright-horizons-logo.svg

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.245.141.234 , United States, ASN7381 (SRS-6-Z-7381, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac1bd666f3915789a14d4b5c308b9a9d126d216c86df6700aef7afe08f97d26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bhlogin.brighthorizons.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Cookie: bhlogin_benefitid=2; bhlogin_clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8; bhlogin_sourcebenefitid=0; saml-session=c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f; bhlogin_cpt=False; bhlogin-session=CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm; NSC_cimphjo-cibenjo.ci.dpn=ffffffff092cac6545525d5f4f58455e445a4a423660; .AspNetCore.Antiforgery.wTXcPMLj6uU=CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
Connection: keep-alive
Referer: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 14:44:24 GMT
Via: NS-CACHE-9.3: 27
Age: 323143
Connection: Keep-Alive
Content-Length: 14649
X-Xss-Protection: 1
Request-Context: appId=cid-v1:5a878bcb-a270-4355-87f5-6793d6443c5b
Last-Modified: Mon, 26 Jul 2021 16:45:52 GMT
Server: Kestrel
ETag: "1d7823db1e65939"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Cache-Control: max-age=2592000 ,public
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
Expires: Sat, 04 Sep 2021 14:44:25 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
69 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70292
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Aug 2021 08:29:48 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ 341 KB
133 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bhlogin.brighthorizons.com
Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 06:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 06:15:22 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51131
x-xss-protection: 0
expires: Mon, 09 Aug 2021 08:29:49 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4568
date: Mon, 09 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 09:13:41 GMT

GET
H2 200 hotjar-1090331.js Show response
static.hotjar.com/c/ 4 KB
2 KB 32ms
31ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1090331.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 6
etag: W/9cd6dd44b76a0ba1809e68dec4a6befd
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1915
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-id: u59S_zE-ovBzfts10FRF_5VNvghHE5W5f3vVnJo2VfmbTewlu_hm0Q==

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 33ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5MTQWP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 6C1408ED90D84DD8B2B0B4DA6A462CEF Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61020
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H3-29 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: r1cLcDOYA4KFNsjblsAmsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2168
x-fb-rlafr: 0
x-fb-debug: F0QIMtoUEpObPWDFVR7zWcoJi0iDdSyMUF98ve2HTtlkzU5N1CKtmdo8jn//WycIyXFZ1XJLF9BJOUjIyr0iTA==
x-fb-content-md5: a6f6b0766effdcd8d7be5f0ee6e16ef2
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c2c1d33361a31082b415bfcea448ad9d"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Aug 2021 08:47:53 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: jdG8x9VvZBU0AgP3x7VjO9fHDyMh3oOL7LtItwmPC4H8kJeSPHY3GwyusiHubxvjTCsHUhGR5FsrP2vySRBoSw==
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET anchor
www.google.com/recaptcha/api2/ Frame 7257 0
0

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 78C1 39 KB
20 KB 43ms
41ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/lib/jquery/dist/jquery-3.5.0.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9513440644dcc6fe0efa43fb5f2822a70947dec379097c60a6d409b8de93aa93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-29zU67nD0z303ESLntRNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bhlogin.brighthorizons.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bhlogin.brighthorizons.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Aug 2021 08:29:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-29zU67nD0z303ESLntRNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20498
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fs...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26f...

0
63 B

137ms
136ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA
Requested by: Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 9TR7lxyWmRaw/g7ToCsAAA==

Redirect headers

date: Mon, 09 Aug 2021 08:29:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116151&time=1628497789565&url=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&e_ipv6=AQK8S1a9dv_ydAAAAXsqCELTlKnnRBjO6LCvMioNiSVvOaZTB24SjnFu0TE0LrPmH6wC-EEA
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: wGCBjByWmRbw+lNYrCoAAA==

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320938781441559&ev=PixelInitialized&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497789567

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:49 GMT

GET
H3-29 200 994393773937678 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/994393773937678?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73520
x-xss-protection: 0
pragma: public
x-fb-debug: ezlZr91JcN0lU7KGKmvNNLnkH50us+yL1GxnLnFy4sjjayS4uKQhi+9AqMdg2tpC4OoPL8+A+k7HXjyp1ZoPKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=2136785179&sr=1600x1200&ul=en-us&cid=292824737.1628497790&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Bright%20Horizons%20%7C%20Log%20In&sid=1628497789&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bhlogin.brighthorizons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9a6619e61150e4449f35.js Show response
script.hotjar.com/ 221 KB
59 KB 31ms
31ms Script
application/javascript 13.224.222.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6619e61150e4449f35.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-60.lhr61.r.cloudfront.net

Software

Resource Hash

fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59579
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 14:17:07 GMT
etag: "f404c80c4e9647abd5db65360cf9ecee"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MhOsI7EoaTIw3qhRtVWH_hT_5TBDq4GTkMBE5cGnFjlCzMcwcX0WrA==

GET
H2 204 56292788.js Show response
bat.bing.com/p/action/ 0
92 B 61ms
60ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56292788.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Aug 2021 08:29:49 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 7D3F4B57BB914C3E977C290019A30476 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 58ms
54ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56292788&tm=gtm001&Ver=2&mid=ccbc78fe-b58b-4275-a4cf-38fa96c85023&sid=f62abce0f8eb11eb97c1edcf076cd3cd&vid=f62afae0f8eb11eb8ee5f53088e8e5ec&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bright%20Horizons%20%7C%20Log%20In&p=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&r=https%3A%2F%2Fhr4you.edassist.com%2F&lt=2209&evt=pageLoad&msclkid=N&sv=1&rn=179483
Requested by: Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 09 Aug 2021 08:29:49 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4C02F96B21FD4D4390377F87A7E76C95 Ref B: FRAEDGE1318 Ref C: 2021-08-09T08:29:49Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 131 KB
44 KB 68ms
24ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-MCWHWCV&t=gtm4&cid=292824737.1628497790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04938a5fbaec1f89e7dfc36a8316f4aca8bd0c8431a3a9a9d0a241da619ebd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45053
x-xss-protection: 0
expires: Mon, 09 Aug 2021 08:29:49 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 78E1 2 KB
1 KB 30ms
29ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1090331.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bhlogin.brighthorizons.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bhlogin.brighthorizons.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HZGNaK7w_Waue-kb9AKs7deR-QSE7PVk9TdvI_lov02LvxqcivrWSQ==
age: 1930399

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 78C1 52 KB
25 KB 22ms
6ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 07:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 07:51:05 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 78C1 341 KB
133 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 06:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 06:15:22 GMT

GET
H3-29 200 1353585158113746 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1353585158113746?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73503
x-xss-protection: 0
pragma: public
x-fb-debug: ph+uD2GGU2/5aBgDTfeTEPOt+Scg/wr5ghGA307wevHTas7+HDH1fOWQ/+l4OFfUiu9JT0hTUJhI/M+2rTpfdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 Aug 2021 08:29:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=994393773937678&ev=PageView&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497789707&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&rqm=GET

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:49 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 78C1 2 KB
2 KB 12ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 550544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 09 Aug 2021 23:34:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78C1 15 KB
15 KB 41ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 558148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:27:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78C1 15 KB
15 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 497011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 14:26:18 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353585158113746&ev=PageView&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497790012&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&rqm=GET

Requested by

Host: bhlogin.brighthorizons.com
URL: https://bhlogin.brighthorizons.com/?clientguid=EB63EC53-25A9-E211-AC37-0050568B60D8&benefitid=2&fsTargetId=0&isMobile=False

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:50 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 78C1 102 B
132 B 19ms
15ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 08:29:50 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2136785179&t=pageview&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Bright%20Horizons%20%7C%20Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=479892703&gjid=362419184&cid=292824737.1628497790&tid=UA-38067903-1&_gid=1501152389.1628497790&_r=1&gtm=2wg840T5MTQWP&cd18=hr4you.edassist.com&cd19=https%3A%2F%2Fhr4you.edassist.com%2F&cd21=not-available&cd23=not-available&cd24=not-available&cd25=not-available&cd27=not-available&cd29=not-available&cd30=not-available&cd31=not-available&cd32=not-available&cd33=not-available&cd34=not-available&cd35=not-available&cd36=not-available&cd37=not-available&cd38=not-available&cd39=not-available&cd40=not-available&cd41=not-available&cd42=not-available&cd43=2021-08-09T10%3A29%3A50.110%2B02%3A00&cd44=not-available&cd45=not-available&cd46=not-available&cd47=not-available&cd48=not-available&cd49=not-available&cd50=not-available&cd51=not-available&cd52=not-available&cd53=not-available&cd54=not-available&z=2073772243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bhlogin.brighthorizons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 27ms
25ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&gjid=362419184&_gid=1501152389.1628497790&_u=aCDAAEACQAAAAC~&z=1303268489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Aug 2021 08:29:50 GMT
content-type: text/plain
access-control-allow-origin: https://bhlogin.brighthorizons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
35ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&_u=aCDAAEACQAAAAC~&z=1172671035

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-38067903-1&cid=292824737.1628497790&jid=479892703&_u=aCDAAEACQAAAAC~&z=1172671035

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4E53 7 KB
1 KB 31ms
21ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab4b02dcf7a55be23d6e9d3c398cf5877fa83432f50014c5ff3e7d462a338924

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z8wcuId7QkuCi1Kdy565Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bhlogin.brighthorizons.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bhlogin.brighthorizons.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Aug 2021 08:29:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-z8wcuId7QkuCi1Kdy565Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0260c743.min.js Show response
tag.demandbase.com/ 74 KB
18 KB 67ms
67ms Script
application/javascript 65.9.49.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/0260c743.min.js
Requested by: Host: hr4you.edassist.com
URL: https://hr4you.edassist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.49.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30c8833b64eaba651bfa571c29bf222fb9d3502ef530d60236524f00523bed4a

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7lA8m45GlDMLQ7S9a3TGRlQ_2j6M4ctr
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 19:59:02 GMT
server: AmazonS3
age: 1576
etag: W/"f258ed111c40157de373542d30dc55b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 52bb5852b1acec80b918512e69d8f7dc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Mon, 09 Aug 2021 08:08:57 GMT
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: cO5D9jQLX9U0L_6TnBUjJAcW7qpm_1_i8ljeyMRWx818BUfl7PGmYA==

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 431 B
947 B 80ms
79ms XHR
application/json 143.204.98.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fhr4you.edassist.com%2F&page=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&page_title=Bright%20Horizons%20%7C%20Log%20In&src=tag&key=3191a0301271b832d079cd6489cf0963
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/0260c743.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-79.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:50 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: 971a8719-0c09-4717-99d7-e53edf74eb6b
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://bhlogin.brighthorizons.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2IXdEhTUpWwbFGDd3VMNA_5QETi0ynnvB4Lp2A5lMUdhjp3vco9Xvw==
expires: Sun, 08 Aug 2021 08:29:50 GMT

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w

26 B
409 B

207ms
206ms

Image
image/gif

143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 08:29:51 GMT
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 989b472a9cb11e01
X-Amz-Cf-Id: 8AzgBtw_MzQNyENMy1bR_mmZZW_mgwhBUvDqLyz-FEHEmF8HDDnO8A==

Redirect headers

location: https://segments.company-target.com/log?vendor=choca&user_id=AABVWE7CIc8AACg0CA8r1w
Date: Mon, 09 Aug 2021 08:29:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 451 464526.gif
id.rlcdn.com/ 0
42 B 23ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:50 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4E53 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 07:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 07:51:05 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4E53 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 06:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 06:15:22 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=2136785179&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&ul=en-us&de=UTF-8&dt=Bright%20Horizons%20%7C%20Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAEADQAAAAC~&jid=&gjid=&cid=292824737.1628497790&tid=UA-38067903-1&_gid=1501152389.1628497790&gtm=2wg840T5MTQWP&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Paris&cd11=IDF&cd12=France&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=548078675

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 05:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9098
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4E53 35 KB
21 KB 56ms
56ms XHR
application/json 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbd6d19c21e2530d3f8fb6c9635a8db0da0471e4380034c6372e588561c05ae3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 09 Aug 2021 08:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21549
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 08:29:50 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53 600 B
622 B 14ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 516718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Tue, 10 Aug 2021 08:57:53 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53 530 B
552 B 14ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 04:57:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 185548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:57:23 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4E53 665 B
687 B 14ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:00:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 538166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:00:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 558150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:27:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 497013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 14:26:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E53 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 497013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 14:26:18 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/api2/ Frame 4E53 24 KB
24 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq27sdC-rqfvXHoPenCRbTHGzZPiszDEC0BMFKmo31176D5utFsP2n4_zly8pUEivA9B1G73GXQDY2loEH_L4M1NWVC8YhotLRIxKZuB2gaxQK7buR0vpV3UiyTXZxvS-Cy46HN0qRc4vW67Jafgoy-tuTbejhqS6-gBcSupnVuv7o81VEuDfBKAADrs33va7W4QJLAmUeTsHQAmA2EhGHFiW2kMapw&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0a71028ee9ec7416490d87563a9bafb5b666b910b9742cac75ab99d4e3c2000

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&cb=pytaer5s9ie0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:51 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24707
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 08:29:51 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=994393773937678&ev=Microdata&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497791362&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bright%20Horizons%20%7C%20Log%20In%22%2C%22meta%3Adescription%22%3A%22Sign%20in%20to%20access%20Bright%20Horizons%20Child%20Care%20and%20other%20employee%20benefits%20including%20Back-Up%20Care%2C%20Elder%20Care%2C%20College%20Coach%2C%20and%20EdAssist%20or%20sign%20up%20for%20a%20new%20account.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:51 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353585158113746&ev=Microdata&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&rl=https%3A%2F%2Fhr4you.edassist.com%2F&if=false&ts=1628497791793&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bright%20Horizons%20%7C%20Log%20In%22%2C%22meta%3Adescription%22%3A%22Sign%20in%20to%20access%20Bright%20Horizons%20Child%20Care%20and%20other%20employee%20benefits%20including%20Back-Up%20Care%2C%20Elder%20Care%2C%20College%20Coach%2C%20and%20EdAssist%20or%20sign%20up%20for%20a%20new%20account.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628497789703.2092481637&it=1628497789572&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:29:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 09 Aug 2021 08:29:51 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=2136785179&sr=1600x1200&ul=en-us&cid=292824737.1628497790&_s=2&dl=https%3A%2F%2Fbhlogin.brighthorizons.com%2F%3Fclientguid%3DEB63EC53-25A9-E211-AC37-0050568B60D8%26benefitid%3D2%26fsTargetId%3D0%26isMobile%3DFalse&dr=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Bright%20Horizons%20%7C%20Log%20In&sid=1628497789&sct=1&seg=0&en=scroll&_et=987&ep.debug_mode=true&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0EY7LSHQSZ&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:29:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bhlogin.brighthorizons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bhlogin.brighthorizons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 08:30:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://bhlogin.brighthorizons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0EY7LSHQSZ&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Login%20-%20EdAssist&sid=1628497785&sct=1&seg=0&_s=2

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VBG2PWG49C&gtm=2oe840&_p=1521100234&sr=1600x1200&ul=en-us&cid=1350957251.1628497785&dl=https%3A%2F%2Fhr4you.edassist.com%2F&dt=Login%20-%20EdAssist&sid=1628497785&sct=1&seg=0&_s=2

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=56292788&tm=gtm001&Ver=2&mid=30138843-e0aa-4217-9a26-728050012410&sid=f3d7a620f8eb11ebb0c361c33ec9c8dd&vid=f3d7f190f8eb11ebb06907cdb9e067b1&vids=1&evt=pageHide

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/641f598513?a=24485792&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=5280&ref=https://hr4you.edassist.com/&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22www.google-analytics.com:443%22,%22pathname%22:%22/j/collect%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:3,%22duration%22:%7B%22t%22:166,%22min%22:17,%22max%22:128,%22sos%22:17114,%22c%22:3%7D,%22rxSize%22:%7B%22t%22:6,%22min%22:2,%22max%22:2,%22sos%22:12,%22c%22:3%7D,%22cbTime%22:%7B%22t%22:0,%22min%22:0,%22max%22:0,%22sos%22:0,%22c%22:3%7D,%22time%22:%7B%22t%22:8488,%22min%22:2613,%22max%22:3246,%22sos%22:24275926,%22c%22:3%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22stats.g.doubleclick.net:443%22,%22pathname%22:%22/j/collect%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:2,%22duration%22:%7B%22t%22:81,%22min%22:36,%22max%22:45,%22sos%22:3321,%22c%22:2%7D,%22rxSize%22:%7B%22t%22:8,%22min%22:4,%22max%22:4,%22sos%22:32,%22c%22:2%7D,%22cbTime%22:%7B%22t%22:0,%22min%22:0,%22max%22:0,%22sos%22:0,%22c%22:2%7D,%22time%22:%7B%22t%22:5279,%22min%22:2634,%22max%22:2645,%22sos%22:13933981,%22c%22:2%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22svc.edassist.com:443%22,%22pathname%22:%22/ed5/api/v1/content/general/login/hr4you%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22duration%22:%7B%22t%22:933%7D,%22rxSize%22:%7B%22t%22:3365%7D,%22cbTime%22:%7B%22t%22:17%7D,%22time%22:%7B%22t%22:3247%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22api.company-target.com:443%22,%22pathname%22:%22/api/v2/ip.json%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22duration%22:%7B%22t%22:145%7D,%22rxSize%22:%7B%22t%22:430%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:4190%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/resources/1/641f598513%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:6417%7D,%22duration%22:%7B%22t%22:196%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:4434%7D%7D%7D%5D

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le-neoaAAAAABFpHAmLlJi2k_AbejpNhH9rkOF9&co=aHR0cHM6Ly9iaGxvZ2luLmJyaWdodGhvcml6b25zLmNvbTo0NDM.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&sa=submit&cb=7kdil7ybystx

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brighthorizons.com/	1970-01-20 05:07:13	Name: _hjid Value: 090e66bd-7639-4675-843a-58628f69612d
.brighthorizons.com/	1970-01-19 22:31:13	Name: _fbp Value: fb.1.1628497789703.2092481637
.brighthorizons.com/	1970-01-19 20:23:04	Name: _gid Value: GA1.2.1501152389.1628497790
.brighthorizons.com/	1970-01-20 05:43:13	Name: _uetvid Value: f62afae0f8eb11eb8ee5f53088e8e5ec
.brighthorizons.com/	1970-01-20 13:52:49	Name: _ga_0EY7LSHQSZ Value: GS1.1.1628497789.1.0.1628497789.0
.brighthorizons.com/	1970-01-19 22:31:13	Name: _gcl_au Value: 1.1.226507822.1628497789
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: bhlogin_cpt Value: False
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: saml-session Value: c50e35cb-f8d3-4ef6-97d6-5f1756ea9e0f
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.wTXcPMLj6uU Value: CfDJ8O8CbYNHF1pNj0AeprWk-aGPoV-cvivOp_pwJHIRjtI-ej-nh07iQ5TIatyF4-c8SToTsm5-ARmW_-ccZ6enMneb5EahrFm2aqOSXrYpNfnvXR4egonzHsqdVhEExI8znQPsOjq8aTxnsL_IHkdvRSg
.brighthorizons.com/	1970-01-19 20:21:37	Name: _gat_UA-38067903-1 Value: 1
.brighthorizons.com/	1970-01-19 20:21:39	Name: _hjFirstSeen Value: 1
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: NSC_cimphjo-cibenjo.ci.dpn Value: ffffffff092cac6545525d5f4f58455e445a4a423660
.brighthorizons.com/	1970-01-20 13:52:49	Name: _ga Value: GA1.2.292824737.1628497790
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: bhlogin-session Value: CfDJ8O8CbYNHF1pNj0AeprWk%2BaFU6Og%2BaYlrtOl6zS85EHHSZGU8IYMv%2FkL49gkPQK1TG74AWOJETEJeC2SpA2I%2FxHQpUUmiOoLhqq3f2%2FQLb9Cwnm5VYSbeclRUl66IHVsnPBdgjPXctroZmNXhhL7jkeZPus8RTedh5s1SSd%2B%2BGidm
.brighthorizons.com/	1970-01-19 20:23:04	Name: _uetsid Value: f62abce0f8eb11eb97c1edcf076cd3cd
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: bhlogin_sourcebenefitid Value: 0
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: bhlogin_clientguid Value: EB63EC53-25A9-E211-AC37-0050568B60D8
bhlogin.brighthorizons.com/	1969-12-31 23:59:59	Name: bhlogin_benefitid Value: 2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api	warning	URL: https://hr4you.edassist.com/dist/js/vendor-7597f552f9.core.js(Line 17220) Message: This browser does not support Web Storage!
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
bam.nr-data.net
bat.bing.com
bhlogin.brighthorizons.com
connect.facebook.net
fonts.gstatic.com
hr4you.edassist.com
id.rlcdn.com
js-agent.newrelic.com
match.prod.bidr.io
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
segments.company-target.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
svc.edassist.com
tag.demandbase.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
bam.nr-data.net
bat.bing.com
www.google-analytics.com
www.google.com
108.174.10.14
13.224.222.60
13.225.78.63
143.204.98.123
143.204.98.23
143.204.98.79
151.101.13.27
162.247.242.18
216.245.141.171
216.245.141.172
216.245.141.234
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:828::200e
2a00:1450:400c:c00::9a
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.252.144.15
35.244.174.68
65.9.49.42
04938a5fbaec1f89e7dfc36a8316f4aca8bd0c8431a3a9a9d0a241da619ebd41
073d79753c8a24a0bf3dabaa3b49100a188abf72ea5f72e636431f15a1939576
092f12ef476f40a036dab7dc398a9cd30153cc2540d1dc8190b16871cd5ba27c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c623f022a4feeeb2ee2044a94ff17f8e91b48108756486e6499fd9306321e7b
2037b7a2a76c8315c06af6189a2d1fff476fae2ba82d72127283090729c0a41b
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
2e1982391432ef90d89992d67143bda5fa8dc1412a22a42cbb1ea1ff6c54e634
30c8833b64eaba651bfa571c29bf222fb9d3502ef530d60236524f00523bed4a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
466da5a789662c476755af73ad431b55280f584a8b29d9355c3770bec1e002b0
49b19b372b6bcaa0420f557e413988d5d28beb313e0f228208f7afcbac38d60b
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
68e4063ded8e4eda895b670a3d73ceace9bd62d05fda06af3e372cc93c1633f8
6b16e4cbe69af95091b4c0a0744b54f66d06289f037c9609f2ba5512f20a38a1
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
70b77802995cf4e0aaaab07987e52f5039f6bec5544d7a226769e2c694332eef
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7bfc7d7a0574a286b2e412cc933773a2419cb09a207fc0c31b34664cb53ed6cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86abd3076292960ce4a9e29ccd52ea54944bc08446a46f6130b2747dd1c6ba61
871a3ee466b45b57034c7d648e99a0aa12ff8abb677b8c38499f74abad427013
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b78b7a13eb9cb5db5e63ed5fc0a301e2a259bf17b7f6d276aae68228bb13a64
9513440644dcc6fe0efa43fb5f2822a70947dec379097c60a6d409b8de93aa93
96601e0f254362feb25ae1ef3cf9c237bab435f76ec6170161a656fd249f10e6
9866f5265b6fb988b9989ca2035c8e47c154b8e5b976df0a0ea680bea3923cd5
9c010882e5733147c1a99ae9b32a8e18bd91291a6d660c39f26b9c0fb77fb925
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a24500966d99ebc2ac4bfea809d2f05a3356beb5d22e15457ba0b8ed0acc0ca7
a3842c40cb1001d2ac089315e85344c43199f1b191b91886e87d538cf3028ffa
ab4b02dcf7a55be23d6e9d3c398cf5877fa83432f50014c5ff3e7d462a338924
ac1bd666f3915789a14d4b5c308b9a9d126d216c86df6700aef7afe08f97d26d
b130019f01691aa425d47796ae34d08a2b696520b30d13dc132ffc75485cdc30
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
c0a71028ee9ec7416490d87563a9bafb5b666b910b9742cac75ab99d4e3c2000
c181032bad058161602603c4dec87d5af028f57d4d41a716894547d8dddcf83c
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
caa3cf742e83438f33fcd49f858609f84d70777a2399156403011c97a7ef9d60
caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769
cbd6d19c21e2530d3f8fb6c9635a8db0da0471e4380034c6372e588561c05ae3
cbe8f20fe0e6b6629cd2e26a1fd26b60f23341b0cb535608c67dbbeed34a3ed0
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dd6d7699147ecb7e261ad481f18dcbb3df7ba66de747e4833c369c205ecf7d4c
de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a0e0f07710200d324f749d2f028885bb01fdaa4406365ecc3d78bd2c347009
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
fb56969a1925d01c3b02ad4e17b3d63ad50fa1b280c6be8e8db1387dcd007062
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a

bhlogin.brighthorizons.com Open in urlscan Pro 216.245.141.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

96 %HTTPS

48 %IPv6

20 Domains

27 Subdomains

25 IPs

4 Countries

3666 kBTransfer

12723 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bhlogin.brighthorizons.com Open in urlscan Pro
216.245.141.234 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

96 %
HTTPS

48 %
IPv6

20
Domains

27
Subdomains

25
IPs

4
Countries

3666 kB
Transfer

12723 kB
Size

18
Cookies

126 HTTP transactions
1 data transactions