hr.jamff.com Open in urlscan Pro
54.164.174.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hr.jamff.com/?rid=VxSzZ1Q
Submission: On June 12 via manual (June 12th 2024, 5:40:18 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 49 HTTP transactions. The main IP is 54.164.174.140, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hr.jamff.com.
TLS certificate: Issued by R10 on June 10th 2024. Valid for: 3 months.

This is the only time hr.jamff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.164.174.140 54.164.174.140	14618 (AMAZON-AES) (AMAZON-AES)
15	23.201.245.23 23.201.245.23	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20ab:8600:1b:ef38:3680:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	23.57.30.58 23.57.30.58	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.156.245.251 54.156.245.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2833	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1f16:19a... 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
49	18

1 54.164.174.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: jamff.com

hr.jamff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.201.245.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-245-23.deploy.static.akamaitechnologies.com

hcm.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:8600:1b:ef38:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.30.58 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-30-58.deploy.static.akamaitechnologies.com

secure.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.245.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-245-251.compute-1.amazonaws.com

999.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2833 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b (Columbus, United States)

ASN16509 (AMAZON-02, US)

capig.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	paycor.com hcm.paycor.com — Cisco Umbrella Rank: 31659 secure.paycor.com — Cisco Umbrella Rank: 41786 999.paycor.com capig.paycor.com — Cisco Umbrella Rank: 48220	461 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	154 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 296	931 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	150 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	177 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	29 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	cloudfront.net d21y75miwcfqoq.cloudfront.net	477 B
1	jamff.com hr.jamff.com	27 KB
49	13

	Domain	Requested by
15	hcm.paycor.com	hr.jamff.com hcm.paycor.com
9	cdn.cookielaw.org	hr.jamff.com hcm.paycor.com
5	px.ads.linkedin.com	3 redirects hcm.paycor.com
3	bat.bing.com	hcm.paycor.com hr.jamff.com
2	bam.nr-data.net	hcm.paycor.com
2	www.facebook.com	hr.jamff.com
2	connect.facebook.net	hcm.paycor.com
2	www.googletagmanager.com	hcm.paycor.com
1	js-agent.newrelic.com	hcm.paycor.com
1	capig.paycor.com	hcm.paycor.com
1	px4.ads.linkedin.com	hr.jamff.com
1	www.linkedin.com	1 redirects
1	geolocation.onetrust.com	hcm.paycor.com
1	snap.licdn.com	hcm.paycor.com
1	999.paycor.com	hr.jamff.com
1	secure.paycor.com	hr.jamff.com
1	d21y75miwcfqoq.cloudfront.net	hr.jamff.com
1	hr.jamff.com
49	18

This site contains links to these domains. Also see Links.

Domain
www.paycor.com
go.paycor.com
hcm.paycor.com
www.entrust.net
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
jamff.com R10	`2024-06-10` - `2024-09-08`	3 months	crt.sh
demo.paycor.com GeoTrust RSA CA 2018	`2024-06-10` - `2025-06-09`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
secure.paycor.com DigiCert SHA2 Extended Validation Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
999.paycor.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
capig.paycor.com Amazon RSA 2048 M01	`2023-09-14` - `2024-10-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://hr.jamff.com/?rid=VxSzZ1Q
Frame ID: 53248E6B8391F46A5FD00694198EF2A0
Requests: 45 HTTP requests in this frame

Frame: https://secure.paycor.com/accounts/content/clearstate.html
Frame ID: 246D266EAA22E82BAEEAF81B03BE8461
Requests: 1 HTTP requests in this frame

Frame: https://hcm.paycor.com/paycorapp/xoss.html
Frame ID: B9E87BABEE09C6A800E1CBBA05D7FC5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paycor Secure Access Employee Login

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

92 %
HTTPS

65 %
IPv6

13
Domains

18
Subdomains

18
IPs

2
Countries

1035 kB
Transfer

2835 kB
Size

16
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://www.paycor.com/

Search URL Search Domain Scan URL

URL: http://www.paycor.com/search
Title: Search

Search URL Search Domain Scan URL

URL: http://www.paycor.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://go.paycor.com/demo
Title: Watch Demo

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/authentication/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://www.paycor.com/faqs
Title: ?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/Authentication/RecoverUsername
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/Authentication/ResetPassword
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/authentication/sso/SignIn?returnUrl=
Title: Sign In with SSO

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/UserRegistration/Register
Title: Register here!

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=secure.paycor.com&lang=en

Search URL Search Domain Scan URL

URL: http://www.paycor.com/help
Title: FAQ

Search URL Search Domain Scan URL

URL: http://www.paycor.com/system-requirements
Title: System Requirements

Search URL Search Domain Scan URL

URL: http://www.paycor.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10318%26time%3D1718214012658%26url%3Dhttps%253A%252F%252Fhr.jamff.com%252F%253Frid%253DVxSzZ1Q%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQLwdqBrHLDzrQAAAZANiTJuQphEqumbWYAinO5CBAJ5fdJxvtl9fkZOYGAB-I7nMj4aBPdjkUZx

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hr.jamff.com/ 138 KB
27 KB 522ms
154ms Document
text/html 54.164.174.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.164.174.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: jamff.com
Software: /
Resource Hash: 2ca159c57759b309635de0477a369e1070d8c01ac8c5bdf42710da4c1ca7962c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 17:40:11 GMT
vary: Accept-Encoding
x-server: gophish

GET
H/1.1 200
OK newrelic.js Show response
hcm.paycor.com/authentication/Content/Scripts/ 54 KB
23 KB 197ms
112ms Script
application/x-javascript 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8a4bc387276d281d36b78aedf2032ab26bfc65ecf6ea79691fa532e16a9d48f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2024 13:35:54 GMT
Server: Microsoft-IIS/10.0
ETag: "e42b37c83a0da1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22807
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK signin Show response
hcm.paycor.com/authentication/bundles/ 124 KB
54 KB 267ms
182ms Script
text/javascript 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/signin?v=8LWkHN0EKAiH_xYNJDEgOLrcUrSYUVmm0Yed_9qAR1w1
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74ef21d11efa4c6a1f4992c1dbda3466571c344e1df82decf72416f0c0e183c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 17:40:12 GMT
Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 17:40:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 54051
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK signin
hcm.paycor.com/authentication/bundles/styles/ 116 KB
30 KB 274ms
188ms Stylesheet
text/css 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/styles/signin?v=1TMBwjc_FcDQdFI94Oxx3Pc2mnULbreTT8VsQhWRsSM1
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16e31e698ad86dd88a847fabe992d98514011cd9a0cb70e3c40fb113d4b5a753

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 17:40:12 GMT
Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 17:40:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 29294
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK jquery Show response
hcm.paycor.com/authentication/bundles/signin/ 3 KB
3 KB 177ms
177ms Script
text/javascript 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/signin/jquery?v=OogFi3g5HLuGIHAgSqPk_6zluJg3HjxNAuUL0uNC8a81
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 17:40:12 GMT
Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 17:40:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 1603
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 89ms
39ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 75607
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:22 GMT
server: cloudflare
etag: 0x8DC89E04057A87F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2e61f1b6-801e-007c-1919-bcdc5c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9fe93ab69189-FRA
expires: Wed, 12 Jun 2024 20:40:05 GMT

GET
H2 200 4a759233
d21y75miwcfqoq.cloudfront.net/ 68 B
477 B 647ms
573ms Image
image/png 2600:9000:20ab:8600:1b:ef38:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21y75miwcfqoq.cloudfront.net/4a759233
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:8600:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/?rid=VxSzZ1Q
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:13 GMT
x-amz-version-id: af19B1lPtVj3beH11.sogw2l7GzkssRI
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 20:25:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
x-amz-cf-id: skmMeA63LoYuVDyUk_rJrxPHRAfaOOmSoxwK6Jd9C6njaW0A4Jc4XA==

GET
H/1.1 200
OK utilities.latest.min.js Show response
hcm.paycor.com/paycorapp/ 98 KB
32 KB 74ms
31ms Script
application/x-javascript 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/paycorapp/utilities.latest.min.js
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0be55fbf1a9afaf902f827dec31ebfa71667fe68308ce3ec35b3bdb761cae85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Apr 2024 18:41:43 GMT
Server: Microsoft-IIS/10.0
ETag: "80d631098dda1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
TLS: UNKNOWN
Cache-Control: public,max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32451

GET
H/1.1 200
OK PdUccPH4 Show response
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 218 KB
81 KB 30ms
30ms Script
application/javascript 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Content-Encoding: br
Last-Modified: Mon, 29 Apr 2024 18:42:12 GMT
ETag: "c7b47cb242bce17acdc9aa40dc0fbc01ad163fcce7922334d0f18838ea014dfc"
Stored-Attribute-Sha-Checksum: ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378
Vary: Accept-Encoding
Content-Type: application/javascript
TLS: 83461673cbea7346
Cache-Control: max-age=21600, max-age=21600
Connection: keep-alive
Content-Length: 81388

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
86 KB 106ms
55ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WD22DQG

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3804ae8640becdf746a09e9c022f13ee1baf1d99e8ddccf3de97c2341857bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87974
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 17:11:55 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 17:40:12 GMT

GET
H/1.1 200
OK clearstate.html
secure.paycor.com/accounts/content/ Frame 246D 0
0 733ms
513ms Document
text/html 23.57.30.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paycor.com/accounts/content/clearstate.html
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.30.58 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-30-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://hr.jamff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11495
Content-Type: text/html
Cteonnt-Length: 32173
Date: Wed, 12 Jun 2024 17:40:13 GMT
ETag: "0e2563921aeda1:0"
Last-Modified: Fri, 24 May 2024 21:27:48 GMT
Vary: Accept-Encoding
X-Akamai-Request-ID: 111d5bc
X-Akamai-Transformed: 9 11813 0 pmb=mTOE,2

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK xoss.html
hcm.paycor.com/paycorapp/ Frame B9E8 0
0 180ms
140ms Document
text/html 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/paycorapp/xoss.html
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://hr.jamff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 219
Content-Type: text/html
Date: Wed, 12 Jun 2024 17:40:12 GMT
ETag: "0579dd14f81da1:0"
Last-Modified: Thu, 28 Mar 2024 20:37:58 GMT
Server: Microsoft-IIS/10.0
TLS: 83461673cbea7346
Vary: Accept-Encoding
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 73ms
30ms Preflight
application/json 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 17:40:12 GMT

GET
H/1.1 200
OK logo.gif
999.paycor.com/images/glvomt4226ouabrl0x4yu6hlw/ 43 B
183 B 1360ms
327ms Image
image/gif 54.156.245.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://999.paycor.com/images/glvomt4226ouabrl0x4yu6hlw/logo.gif?l=https://hr.jamff.com/?rid=VxSzZ1Q&r=
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.245.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-245-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

GET
H/1.1 200
OK paycor-logo.png
hcm.paycor.com/authentication/content/Images/Logo/ 3 KB
4 KB 32ms
32ms Image
image/png 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/Logo/paycor-logo.png
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f3ad6b8b82f6e9c8067edb141866f5954813a29f6e7a6bdf35186e7b09e9f758

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
TLS: 54d1bd9882d1de70
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3567
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK entrust_site_seal_small.png
hcm.paycor.com/authentication/content/Images/ 8 KB
9 KB 38ms
38ms Image
image/png 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/entrust_site_seal_small.png
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c399c0d0bc5b2d6cafb63d4218e38f81ea8f15216687643e34ddf1a5c48e15f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
TLS: 54d1bd9882d1de70
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8430
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK 3.jpg
hcm.paycor.com/authentication/content/Images/background/ 157 KB
158 KB 56ms
56ms Image
image/jpeg 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/background/3.jpg?v=05.24.2017
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 24ce7f3e52157b8dc98e17aa1a553fbe25d140d9526dce4bde8d765fbdf7181e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
TLS: 83461673cbea7346, b5088441840266b6
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160868
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK 3Mobile.jpg
hcm.paycor.com/authentication/content/Images/background/ 66 KB
66 KB 68ms
36ms Image
image/jpeg 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/background/3Mobile.jpg?v=05.24.2017
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5ded4b510ec9c55e5c76121f6a20b060c5535f4cd33fce181b8af3c00856fd99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:12 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
TLS: b5088441840266b6
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67418
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H2 200 90119edf-b883-42d3-b82f-97977849d151-test.json Show response
cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/ 4 KB
2 KB 242ms
194ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/90119edf-b883-42d3-b82f-97977849d151-test.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493caf2148e30a0095b0a31f596e9feac88d5c253eeeb873872f3b136b66f2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: CR1f8CUL8Qdja0ydX0bi4A==
content-length: 1476
x-ms-lease-status: unlocked
last-modified: Tue, 03 Jan 2023 15:37:02 GMT
server: cloudflare
etag: 0x8DAEDA05C4B1C89
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d5f81bfb-601e-001b-7b88-bb6ffb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9fea2c128f39-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 190ms
58ms Script
application/javascript 2a02:26f0:3100::1735:2833
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2833 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=70926
accept-ranges: bytes
content-length: 16683

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 116ms
46ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 12 Jun 2024 17:40:11 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCDB801E22114A5597154DE4054D9F09 Ref B: FRA31EDGE0817 Ref C: 2024-06-12T17:40:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-944830538&l=dataLayer&cx=c

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c7f2474fea02b2df8ebc6642fdf8154e0bf5bfe3216a91859e7a79670852b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92838
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 17:11:55 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 17:40:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 68ms
22ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 17:40:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: MjEFnnNMPcqj18aF661QLdkHts05fa+Mb9kUoTpAdqzi7wxIoEfPn1/VivH/uTbKh8cOvcOghhizuCbBTMRHTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1658281131098209 Show response
connect.facebook.net/signals/config/ 291 KB
91 KB 547ms
547ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1658281131098209?v=2.9.157&r=stable&domain=hr.jamff.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3007f70dea5c6e13e4b9dfdf0370dd05edb016b91ae9ac2f4138912c5122a6a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 17:40:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=64, mss=1297, tbw=63476, tp=-1, tpl=-1, uplat=520, ullat=0
pragma: public
x-fb-debug: JGZ7ZFK/5NH8475o56MWu2ovUpJ3CUljUlA6+jbS+CxV/7tNs0AJl3RlHsjh4BI0VDYWHd73ShtIdYByVrOgZA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5511164.js Show response
bat.bing.com/p/action/ 0
119 B 117ms
117ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5511164.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 12 Jun 2024 17:40:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89DF7B52C7BD4160B1889FCF0E953E45 Ref B: FRA31EDGE0817 Ref C: 2024-06-12T17:40:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 47ms
47ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511164&tm=gtm002&Ver=2&mid=d98f2f24-7a9a-4fa8-ab66-a3f4939b7b10&sid=d230c68028e211efb1575144c4fcbf56&vid=d230f33028e211ef9a7cc38de8888b34&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Paycor%20Secure%20Access%20Employee%20Login&p=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&r=&lt=1050&evt=pageLoad&sv=1&rn=155176

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jun 2024 17:40:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8C5F862F7FB4CC59ADF68F823915363 Ref B: FRA31EDGE0817 Ref C: 2024-06-12T17:40:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 96ms
49ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 892b9feb6dfb924a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
810 B 191ms
140ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 85DDD939540C4E33ABC43AB5989BDE6D Ref B: FRAEDGE2021 Ref C: 2024-06-12T17:40:12Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYatN/g/KHD9DDeEhbYuQ==
x-fs-uuid: 00061ab4dfe0fca1c3f430de1216d8b9

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10318%26time%3D1718214012658%26url%3Dhttps%253A%252F%252Fhr.jamff.com%252F%253Fri...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQLwdqBrHLDzrQAAAZANiTJuQphEqumbWY...

0
265 B

212ms
138ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQLwdqBrHLDzrQAAAZANiTJuQphEqumbWYAinO5CBAJ5fdJxvtl9fkZOYGAB-I7nMj4aBPdjkUZx
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://hr.jamff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 17:40:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8C2489A845F649CF857254A3171CB718 Ref B: FRAEDGE1905 Ref C: 2024-06-12T17:40:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYatN/w9Tq/CZPkAcIgwg==

Redirect headers

date: Wed, 12 Jun 2024 17:40:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D3C86C65852E4E70916C5BDCE071851B Ref B: FRAEDGE2020 Ref C: 2024-06-12T17:40:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718214012658&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQLwdqBrHLDzrQAAAZANiTJuQphEqumbWYAinO5CBAJ5fdJxvtl9fkZOYGAB-I7nMj4aBPdjkUZx
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYatN/svsbrEVHt6mgm8g==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 42ms
42ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 3350
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9febbdf89189-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/9adb7314-bef2-4a0f-9eb2-78fe63d1bb19/ 143 KB
25 KB 101ms
93ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/9adb7314-bef2-4a0f-9eb2-78fe63d1bb19/en.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374ba02b44412645b5db18a26b6b146c8c1b3b976992fa9be64d77df2ec7e9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: AU09UGtfHv1TvIF9132x5A==
content-length: 25309
x-ms-lease-status: unlocked
last-modified: Tue, 03 Jan 2023 15:37:07 GMT
server: cloudflare
etag: 0x8DAEDA05F1F350D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4582b496-001e-00aa-7eef-bc9786000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892b9fec3f588f39-FRA

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 25ms
25ms Preflight
application/json 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 17:40:12 GMT

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 64ms
64ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8423dfcc-501e-0018-3c88-bb6cfc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9fecd8428f39-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 62 KB
15 KB 131ms
131ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otPcCenter.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: MDgKSvnSO+c999jgSnUf4g==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B80F4BC7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 397a2e01-501e-005c-5eef-bcb090000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9fecd8458f39-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 77ms
77ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 131c6dbf-f01e-009d-14de-bc3b29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892b9fecd8478f39-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 44ms
43ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 7549
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
etag: 0x8DC89E041F7123F
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f038269f-601e-0093-2252-bcd722000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892b9fedd8c59189-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 17:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 62510
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7560aff8-801e-0011-6132-bc7672000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892b9fedd8c79189-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 74ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&rl=&if=false&ts=1718214013197&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718214013197.439727737107514754&eid=ob3_plugin-set_1ba6d8c8d275849f6bab3f953b1f9794cf1392af8f3160ee101110bae1fe49e3&ler=empty&cdl=API_unavailable&it=1718214012585&coo=false&rqm=GET

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jun 2024 17:40:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 259ms
209ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&rl=&if=false&ts=1718214013197&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718214013197.439727737107514754&eid=ob3_plugin-set_1ba6d8c8d275849f6bab3f953b1f9794cf1392af8f3160ee101110bae1fe49e3&ler=empty&cdl=API_unavailable&it=1718214012585&coo=false&rqm=FGET

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9f63f1eedc4d5092","source_keys":["1","2"]},{"key_piece":"0x17490caa54683377","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 12 Jun 2024 17:40:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7379672994845568723", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=3097, tp=-1, tpl=-1, uplat=184, ullat=0
pragma: no-cache
x-fb-debug: pskPbl/RaHKzRmFK3HeNpZDLlgoCmrA5HFI9E7J2CkZEuhFaOXYwZYGVgLri/+cwdRdxtyPMNmJrkyLaK9h7ng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379672994845568723"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3 Show response
capig.paycor.com/events/ 0
315 B 399ms
118ms XHR
text/plain 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.paycor.com/events/e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hr.jamff.com
date: Wed, 12 Jun 2024 17:40:13 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 37ms
29ms Preflight
application/json 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 17:40:13 GMT

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 144ms
142ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://hr.jamff.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:40:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E1B6D3B9D4F54940B587959A54F42DAD Ref B: FRAEDGE2020 Ref C: 2024-06-12T17:40:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://hr.jamff.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYatN/zOQddpQaBsg8w8g==

GET
H2 200 nr-spa-1.248.0.min.js Show response
js-agent.newrelic.com/ 87 KB
29 KB 71ms
21ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.248.0.min.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Origin: https://hr.jamff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding: br
via: 1.1 varnish
date: Wed, 12 Jun 2024 17:40:13 GMT
strict-transport-security: max-age=300
x-amz-request-id: G6WQ3KNS7VFW49GN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29446
x-amz-id-2: DglMbEVtM/sFkd7+aoBgZWiVdJHaYM+KQHT7J8k3MbjgbTOi0MtlT3QI7XJgK7rQHllUS7bSPGk=
x-served-by: cache-fra-eddf8230153-FRA
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
etag: "9aea0ff91a800a354637269e96e31dac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 52893

GET
H/1.1 200
OK favicon.ico
hcm.paycor.com/authentication/ 1 KB
823 B 30ms
30ms Other
image/x-icon 23.201.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-245-23.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 17:40:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/x-icon
TLS: UNKNOWN
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 372
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

POST
H/1.1 200 NRBR-7784dc3f05e7c9bd31b Show response
bam.nr-data.net/1/ 151 B
592 B 350ms
266ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRBR-7784dc3f05e7c9bd31b?a=1103143923&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=2654&ck=0&s=588e83dc9769af80&ref=https://hr.jamff.com/&af=err,xhr,stn,ins,spa&be=522&fe=2043&dc=527&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1718214011328,%22n%22:0,%22f%22:0,%22dn%22:16,%22dne%22:16,%22c%22:16,%22s%22:140,%22ce%22:368,%22rq%22:369,%22rp%22:522,%22rpe%22:644,%22di%22:1022,%22ds%22:1022,%22de%22:1049,%22dc%22:2564,%22l%22:2564,%22le%22:2565%7D,%22navigation%22:%7B%7D%7D&fp=997&fcp=997
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8245a2acc3d8bc6fab8a1ee0489c79154cc63f11f21708879b9c95c11a234686

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 12 Jun 2024 17:40:14 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://hr.jamff.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://hr.jamff.com
Content-Length: 151
x-served-by: cache-fra-eddf8230043-FRA

POST
H/1.1 200 NRBR-7784dc3f05e7c9bd31b Show response
bam.nr-data.net/events/1/ 24 B
339 B 142ms
142ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRBR-7784dc3f05e7c9bd31b?a=1103143923&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=3012&ck=0&s=588e83dc9769af80&ref=https://hr.jamff.com/
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 12 Jun 2024 17:40:14 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://hr.jamff.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230043-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.paycor.com/events/e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3	1970-01-20 23:26:30	Name: cee Value: pWw%2B7QK1ZL9h4dJPVCyozBNMcSywWoR89AST1WXC5Ew%3D.%7B%7D
hr.jamff.com/	1969-12-31 23:59:59	Name: paycordfp Value: 66b7ce4fd029554d444d1a0dc98e2ccb
.hr.jamff.com/	1970-01-20 22:00:06	Name: clientvisitor Value: true
.jamff.com/	1970-01-20 21:18:20	Name: _uetsid Value: d230c68028e211efb1575144c4fcbf56
.jamff.com/	1970-01-21 06:38:30	Name: _uetvid Value: d230f33028e211ef9a7cc38de8888b34
.bing.com/	1970-01-21 06:38:30	Name: MUID Value: 3C720425064867BF3A2110B907E466BD
.linkedin.com/	1970-01-20 23:26:30	Name: li_sugr Value: 56e43cde-4720-4a21-93f4-2e9437c5f212
.linkedin.com/	1970-01-21 06:02:30	Name: bcookie Value: "v=2&99344149-4181-4713-8d57-999398bffdf2"
.linkedin.com/	1970-01-20 21:18:20	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3260:u=1:x=1:i=1718214012:t=1718300412:v=2:sig=AQFXRM0QaxS2MJbaJ3xndnfj42BKctKE"
hr.jamff.com/	1970-01-21 06:02:30	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jun+12+2024+19%3A40%3A13+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&groups=C0004%3A1%2CC0002%3A1%2CC0003%3A1%2CC0001%3A1
.linkedin.com/	1970-01-20 22:00:06	Name: UserMatchHistory Value: AQKbe-Bs4PVWaAAAAZANiTB88c3sFENLEnYbFTPsTsH9-_XMVN2g8jSbCMdtDBhq9iVnkrefLS7BRA
.linkedin.com/	1970-01-20 22:00:06	Name: AnalyticsSyncHistory Value: AQLNNs8biBmqcgAAAZANiTB8UbplRaLashABF1PgBN-WdH7ma-wPP3YOb6jplvaerjXq3tIUQjZxYdKXSRO_pA
.jamff.com/	1970-01-20 23:26:30	Name: _fbp Value: fb.1.1718214013197.439727737107514754
.www.linkedin.com/	1970-01-21 06:02:30	Name: bscookie Value: "v=1&20240612174013076b1447-f71d-4e5c-8f8e-3a577eca60d8AQGjrdEyucsnXEKlu8jfoUA0CMJx3nFT"
.linkedin.com/	1970-01-21 01:36:06	Name: li_gc Value: MTswOzE3MTgyMTQwMTM7MjswMjE3f+XAwUwJlChEq4cRp17AwiKdtR19wM/XHKil9PB6Zw==
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d441224264a49f8

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

999.paycor.com
bam.nr-data.net
bat.bing.com
capig.paycor.com
cdn.cookielaw.org
connect.facebook.net
d21y75miwcfqoq.cloudfront.net
geolocation.onetrust.com
hcm.paycor.com
hr.jamff.com
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
secure.paycor.com
snap.licdn.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
hcm.paycor.com
13.107.42.14
162.247.243.29
23.201.245.23
23.57.30.58
2600:1f16:19a4:102:bffa:be21:a2b6:6b2b
2600:9000:20ab:8600:1b:ef38:3680:21
2602:816:5001::39
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:80e::2008
2a02:26f0:3100::1735:2833
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
54.156.245.251
54.164.174.140
0c7f2474fea02b2df8ebc6642fdf8154e0bf5bfe3216a91859e7a79670852b5f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16e31e698ad86dd88a847fabe992d98514011cd9a0cb70e3c40fb113d4b5a753
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
24ce7f3e52157b8dc98e17aa1a553fbe25d140d9526dce4bde8d765fbdf7181e
2ca159c57759b309635de0477a369e1070d8c01ac8c5bdf42710da4c1ca7962c
3007f70dea5c6e13e4b9dfdf0370dd05edb016b91ae9ac2f4138912c5122a6a8
374ba02b44412645b5db18a26b6b146c8c1b3b976992fa9be64d77df2ec7e9fe
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493caf2148e30a0095b0a31f596e9feac88d5c253eeeb873872f3b136b66f2cb
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
5ded4b510ec9c55e5c76121f6a20b060c5535f4cd33fce181b8af3c00856fd99
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
74ef21d11efa4c6a1f4992c1dbda3466571c344e1df82decf72416f0c0e183c7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8245a2acc3d8bc6fab8a1ee0489c79154cc63f11f21708879b9c95c11a234686
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
c3804ae8640becdf746a09e9c022f13ee1baf1d99e8ddccf3de97c2341857bdb
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7
c399c0d0bc5b2d6cafb63d4218e38f81ea8f15216687643e34ddf1a5c48e15f9
c8a4bc387276d281d36b78aedf2032ab26bfc65ecf6ea79691fa532e16a9d48f
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
e0be55fbf1a9afaf902f827dec31ebfa71667fe68308ce3ec35b3bdb761cae85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378
f3ad6b8b82f6e9c8067edb141866f5954813a29f6e7a6bdf35186e7b09e9f758
f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f

hr.jamff.com Open in urlscan Pro 54.164.174.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

92 %HTTPS

65 %IPv6

13 Domains

18 Subdomains

18 IPs

2 Countries

1035 kBTransfer

2835 kBSize

16 Cookies

16 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hr.jamff.com Open in urlscan Pro
54.164.174.140 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

92 %
HTTPS

65 %
IPv6

13
Domains

18
Subdomains

18
IPs

2
Countries

1035 kB
Transfer

2835 kB
Size

16
Cookies

49 HTTP transactions
1 data transactions