hr.jamff.com Open in urlscan Pro
54.164.174.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hr.jamff.com/?rid=VxSzZ1Q
Submission: On June 12 via manual (June 12th 2024, 8:48:24 pm UTC) from US — Scanned from US

Summary HTTP 51 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 15 domains to perform 51 HTTP transactions. The main IP is 54.164.174.140, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hr.jamff.com.
TLS certificate: Issued by R10 on June 10th 2024. Valid for: 3 months.

This is the only time hr.jamff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.164.174.140 54.164.174.140	14618 (AMAZON-AES) (AMAZON-AES)
15	104.68.246.64 104.68.246.64	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:250... 2600:9000:2501:ac00:1b:ef38:3680:21	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	23.62.174.9 23.62.174.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.156.245.251 54.156.245.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1408:c40... 2600:1408:c400:26::17da:d920	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.253.122.104 172.253.122.104	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1f16:19a... 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
51	20

1 54.164.174.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: jamff.com

hr.jamff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.68.246.64 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-246-64.deploy.static.akamaitechnologies.com

hcm.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2501:ac00:1b:ef38:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.174.9 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-174-9.deploy.static.akamaitechnologies.com

secure.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.245.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-245-251.compute-1.amazonaws.com

999.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:26::17da:d920 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b (Columbus, United States)

ASN16509 (AMAZON-02, US)

capig.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	paycor.com hcm.paycor.com — Cisco Umbrella Rank: 31659 secure.paycor.com — Cisco Umbrella Rank: 41786 999.paycor.com capig.paycor.com — Cisco Umbrella Rank: 48220	401 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	154 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 296	931 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	150 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	177 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	29 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5	64 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	cloudfront.net d21y75miwcfqoq.cloudfront.net	478 B
1	jamff.com hr.jamff.com	27 KB
51	15

	Domain	Requested by
15	hcm.paycor.com	hr.jamff.com hcm.paycor.com
9	cdn.cookielaw.org	hr.jamff.com hcm.paycor.com
5	px.ads.linkedin.com	3 redirects hcm.paycor.com
3	bat.bing.com	hcm.paycor.com hr.jamff.com
2	bam.nr-data.net	hcm.paycor.com
2	www.facebook.com	hr.jamff.com
2	connect.facebook.net	hcm.paycor.com
2	www.googletagmanager.com	hcm.paycor.com
1	js-agent.newrelic.com	hcm.paycor.com
1	capig.paycor.com	hcm.paycor.com
1	www.google.com	hr.jamff.com
1	px4.ads.linkedin.com	hr.jamff.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	hcm.paycor.com
1	geolocation.onetrust.com	hcm.paycor.com
1	snap.licdn.com	hcm.paycor.com
1	999.paycor.com	hr.jamff.com
1	secure.paycor.com	hr.jamff.com
1	d21y75miwcfqoq.cloudfront.net	hr.jamff.com
1	hr.jamff.com
51	20

This site contains links to these domains. Also see Links.

Domain
www.paycor.com
go.paycor.com
hcm.paycor.com
www.entrust.net
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
jamff.com R10	`2024-06-10` - `2024-09-08`	3 months	crt.sh
demo.paycor.com GeoTrust RSA CA 2018	`2024-06-10` - `2025-06-09`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
secure.paycor.com DigiCert SHA2 Extended Validation Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
999.paycor.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
capig.paycor.com Amazon RSA 2048 M01	`2023-09-14` - `2024-10-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://hr.jamff.com/?rid=VxSzZ1Q
Frame ID: A1613F803337292A08245E6E1CE1A771
Requests: 47 HTTP requests in this frame

Frame: https://secure.paycor.com/accounts/content/clearstate.html
Frame ID: 4F86E89AFD0DB61063CF01BFE8A81F32
Requests: 1 HTTP requests in this frame

Frame: https://hcm.paycor.com/paycorapp/xoss.html
Frame ID: 86FF4FF9E9154DF48A3A15E9859F8E6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paycor Secure Access Employee Login

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

92 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

20
IPs

1
Countries

977 kB
Transfer

2778 kB
Size

17
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://www.paycor.com/

Search URL Search Domain Scan URL

URL: http://www.paycor.com/search
Title: Search

Search URL Search Domain Scan URL

URL: http://www.paycor.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://go.paycor.com/demo
Title: Watch Demo

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/authentication/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://www.paycor.com/faqs
Title: ?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/Authentication/RecoverUsername
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/Authentication/ResetPassword
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/authentication/sso/SignIn?returnUrl=
Title: Sign In with SSO

Search URL Search Domain Scan URL

URL: https://hcm.paycor.com/Accounts/UserRegistration/Register
Title: Register here!

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=secure.paycor.com&lang=en

Search URL Search Domain Scan URL

URL: http://www.paycor.com/help
Title: FAQ

Search URL Search Domain Scan URL

URL: http://www.paycor.com/system-requirements
Title: System Requirements

Search URL Search Domain Scan URL

URL: http://www.paycor.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10318%26time%3D1718225298795%26url%3Dhttps%253A%252F%252Fhr.jamff.com%252F%253Frid%253DVxSzZ1Q%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQJ8bpmytD2eAQAAAZAONWcOu7MxnQaL_ozO6nD0CU7nHPFXZM4uxO8MWNrkwUmeJnqWbw

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hr.jamff.com/ 138 KB
27 KB 347ms
74ms Document
text/html 54.164.174.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.164.174.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: jamff.com
Software: /
Resource Hash: 2ca159c57759b309635de0477a369e1070d8c01ac8c5bdf42710da4c1ca7962c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 20:48:17 GMT
vary: Accept-Encoding
x-server: gophish

GET
H/1.1 200
OK newrelic.js Show response
hcm.paycor.com/authentication/Content/Scripts/ 54 KB
23 KB 270ms
150ms Script
application/x-javascript 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8a4bc387276d281d36b78aedf2032ab26bfc65ecf6ea79691fa532e16a9d48f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2024 13:35:54 GMT
Server: Microsoft-IIS/10.0
ETag: "e42b37c83a0da1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
TLS: b2ae1cf8e54580be, efe82ec56f922644, 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22807
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK signin Show response
hcm.paycor.com/authentication/bundles/ 124 KB
54 KB 268ms
148ms Script
text/javascript 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/signin?v=8LWkHN0EKAiH_xYNJDEgOLrcUrSYUVmm0Yed_9qAR1w1
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74ef21d11efa4c6a1f4992c1dbda3466571c344e1df82decf72416f0c0e183c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 20:48:18 GMT
Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 20:48:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 54051
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK signin
hcm.paycor.com/authentication/bundles/styles/ 116 KB
30 KB 317ms
197ms Stylesheet
text/css 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/styles/signin?v=1TMBwjc_FcDQdFI94Oxx3Pc2mnULbreTT8VsQhWRsSM1
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16e31e698ad86dd88a847fabe992d98514011cd9a0cb70e3c40fb113d4b5a753

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 20:48:18 GMT
Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 20:48:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 29294
Request-Context: appId=cid-v1:43e6b201-d6e8-4c24-8c3f-0390d0c5b3a0

GET
H/1.1 200
OK jquery Show response
hcm.paycor.com/authentication/bundles/signin/ 3 KB
3 KB 292ms
290ms Script
text/javascript 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/bundles/signin/jquery?v=OogFi3g5HLuGIHAgSqPk_6zluJg3HjxNAuUL0uNC8a81
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 12 Jun 2025 20:48:18 GMT
Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2024 20:48:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 1603
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 110ms
41ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 73892
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:22 GMT
server: cloudflare
etag: 0x8DC89E04057A87F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2e61f1b6-801e-007c-1919-bcdc5c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb372ac8574b0-MIA

GET
H2 200 4a759233
d21y75miwcfqoq.cloudfront.net/ 68 B
478 B 464ms
327ms Image
image/png 2600:9000:2501:ac00:1b:ef38:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21y75miwcfqoq.cloudfront.net/4a759233
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2501:ac00:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/?rid=VxSzZ1Q
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:19 GMT
x-amz-version-id: af19B1lPtVj3beH11.sogw2l7GzkssRI
via: 1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 20:25:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
x-amz-cf-id: V79M7yBr7d47f5Y_GzM7QI_pWvDj7c4EaHu7GLvZiyUEOpB1ryJqCQ==

GET
H/1.1 200
OK utilities.latest.min.js Show response
hcm.paycor.com/paycorapp/ 98 KB
32 KB 179ms
72ms Script
application/x-javascript 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/paycorapp/utilities.latest.min.js
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0be55fbf1a9afaf902f827dec31ebfa71667fe68308ce3ec35b3bdb761cae85

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Apr 2024 18:41:43 GMT
Server: Microsoft-IIS/10.0
ETag: "80d631098dda1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32451

GET
H/1.1 200
OK PdUccPH4 Show response
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 218 KB
81 KB 95ms
94ms Script
application/javascript 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Content-Encoding: br
Last-Modified: Mon, 29 Apr 2024 18:42:12 GMT
ETag: "c7b47cb242bce17acdc9aa40dc0fbc01ad163fcce7922334d0f18838ea014dfc"
Stored-Attribute-Sha-Checksum: ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378
Vary: Accept-Encoding
Content-Type: application/javascript
TLS: efe82ec56f922644
Cache-Control: max-age=21600, max-age=21600
Connection: keep-alive
Content-Length: 81388

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
86 KB 196ms
82ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WD22DQG

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b292eb164a67595eb8b66cd8f1694b0867aab27e1b5b4b5c1dab689c6461f326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87971
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 20:04:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 20:48:18 GMT

GET
H/1.1 200
OK clearstate.html
secure.paycor.com/accounts/content/ Frame 4F86 0
0 269ms
98ms Document
text/html 23.62.174.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paycor.com/accounts/content/clearstate.html
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.9 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://hr.jamff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11813
Content-Type: text/html
Cteonnt-Length: 32173
Date: Wed, 12 Jun 2024 20:48:18 GMT
ETag: "0e2563921aeda1:0"
Last-Modified: Fri, 24 May 2024 21:27:48 GMT
Vary: Accept-Encoding
X-Akamai-Request-ID: 1ecb1c89

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK xoss.html
hcm.paycor.com/paycorapp/ Frame 86FF 0
0 293ms
187ms Document
text/html 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/paycorapp/xoss.html
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://hr.jamff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 219
Content-Type: text/html
Date: Wed, 12 Jun 2024 20:48:18 GMT
ETag: "0579dd14f81da1:0"
Last-Modified: Thu, 28 Mar 2024 20:37:58 GMT
Server: Microsoft-IIS/10.0
TLS: 83461673cbea7346
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo.gif
999.paycor.com/images/glvomt4226ouabrl0x4yu6hlw/ 43 B
183 B 429ms
215ms Image
image/gif 54.156.245.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://999.paycor.com/images/glvomt4226ouabrl0x4yu6hlw/logo.gif?l=https://hr.jamff.com/?rid=VxSzZ1Q&r=
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.245.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-245-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 170ms
64ms Preflight
application/json 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 20:48:18 GMT

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

GET
H/1.1 200
OK paycor-logo.png
hcm.paycor.com/authentication/content/Images/Logo/ 3 KB
4 KB 88ms
87ms Image
image/png 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/Logo/paycor-logo.png
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f3ad6b8b82f6e9c8067edb141866f5954813a29f6e7a6bdf35186e7b09e9f758

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
TLS: UNKNOWN, 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3567
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK entrust_site_seal_small.png
hcm.paycor.com/authentication/content/Images/ 8 KB
9 KB 70ms
69ms Image
image/png 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/entrust_site_seal_small.png
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c399c0d0bc5b2d6cafb63d4218e38f81ea8f15216687643e34ddf1a5c48e15f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8430
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK 2.jpg
hcm.paycor.com/authentication/content/Images/background/ 95 KB
95 KB 84ms
83ms Image
image/jpeg 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/background/2.jpg?v=05.24.2017
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2661f8ec50ab7261544609cd2bf6c45e78ee6f30cee9ce95bdd0c0c36969aace

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96896
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

GET
H/1.1 200
OK 2Mobile.jpg
hcm.paycor.com/authentication/content/Images/background/ 69 KB
69 KB 144ms
74ms Image
image/jpeg 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcm.paycor.com/authentication/content/Images/background/2Mobile.jpg?v=05.24.2017
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 422d908ca79fcb614760939956fd4e8aba8fe75d78278f7fe10f43517e2afd78

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:18 GMT
Last-Modified: Thu, 23 May 2024 20:27:24 GMT
Server: Microsoft-IIS/10.0
ETag: "09eda9e4fadda1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
TLS: 83461673cbea7346
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70349
Request-Context: appId=cid-v1:43e6b201-d6e8-4c24-8c3f-0390d0c5b3a0

GET
H2 200 90119edf-b883-42d3-b82f-97977849d151-test.json Show response
cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/ 4 KB
2 KB 245ms
188ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/90119edf-b883-42d3-b82f-97977849d151-test.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493caf2148e30a0095b0a31f596e9feac88d5c253eeeb873872f3b136b66f2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: CR1f8CUL8Qdja0ydX0bi4A==
content-length: 1476
x-ms-lease-status: unlocked
last-modified: Tue, 03 Jan 2023 15:37:02 GMT
server: cloudflare
etag: 0x8DAEDA05C4B1C89
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d5f81bfb-601e-001b-7b88-bb6ffb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb373e83ba69b-MIA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 178ms
56ms Script
application/javascript 2600:1408:c400:26::17da:d920
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:26::17da:d920 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:42 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=19072
accept-ranges: bytes
content-length: 16683

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 118ms
54ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 12 Jun 2024 20:48:18 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 917FB69F09E94CB19690349B58E04FEF Ref B: MIAEDGE1507 Ref C: 2024-06-12T20:48:18Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 90ms
88ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-944830538&l=dataLayer&cx=c

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74e6013dee512f76aec90e51ae42ba3c085f398f6f72859ed38eff6f5808d831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92949
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 20:04:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 20:48:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 171ms
55ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 20:48:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=12, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xqDT0N5Uvg7kWKCEVLpWmTSfwYboMSFJulWDpFpqRX8c4mu6RfbVNqLvBQTWh4IRLsxA7NztaJbRKEqcPFrO9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 126ms
58ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 892cb3757cf08db8-MIA
access-control-allow-headers: Content-Type

GET
H2 204 5511164.js Show response
bat.bing.com/p/action/ 0
116 B 52ms
52ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5511164.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 12 Jun 2024 20:48:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39C6DCAD579743EB8B4123CD5C505708 Ref B: MIAEDGE1507 Ref C: 2024-06-12T20:48:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 114ms
113ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511164&tm=gtm002&Ver=2&mid=61824480-4fd2-419c-9422-df5361efe4b4&sid=1942626028fd11ef8ebcdf623be57ef9&vid=194264c028fd11ef9d8bed1ab3ed0a3a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paycor%20Secure%20Access%20Employee%20Login&p=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&r=&lt=902&evt=pageLoad&sv=1&rn=238988

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jun 2024 20:48:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5480A251B88A4970BB4022FB53F12AA6 Ref B: MIAEDGE1507 Ref C: 2024-06-12T20:48:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/ 3 KB
1 KB 172ms
66ms Script
text/javascript 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?random=1718225298764&cv=11&fst=1718225298764&bg=ffffff&guid=ON&async=1&gtm=45be46a0v872632945z8835361745za201zb835361745&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&hn=www.googleadservices.com&frm=0&tiba=Paycor%20Secure%20Access%20Employee%20Login&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

fa054f2da53da1a415e8c707a5d7daf5932960d7e3939ae4bcf417c0d94c6aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 200ms
131ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 69C1D4ED08FA41A7A42C9DAD643C18EF Ref B: MIAEDGE2113 Ref C: 2024-06-12T20:48:18Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYat4CVr1tQrsMkIst/Ww==
x-fs-uuid: 00061ab78095af5b50aec32422cb7f5b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10318%26time%3D1718225298795%26url%3Dhttps%253A%252F%252Fhr.jamff.com%252F%253Fri...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQJ8bpmytD2eAQAAAZAONWcOu7MxnQaL_o...

0
488 B

198ms
130ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQJ8bpmytD2eAQAAAZAONWcOu7MxnQaL_ozO6nD0CU7nHPFXZM4uxO8MWNrkwUmeJnqWbw
Requested by: Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://hr.jamff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 20:48:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 832E932B2722411D8559EC3868EDC45E Ref B: MIA301000102031 Ref C: 2024-06-12T20:48:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYat4CckR6270npEYNd7w==

Redirect headers

date: Wed, 12 Jun 2024 20:48:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5641CB37ABA043BBA0D92E0515D166BA Ref B: MIAEDGE2722 Ref C: 2024-06-12T20:48:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1718225298795&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&cookiesTest=true&liSync=true&e_ipv6=AQJ8bpmytD2eAQAAAZAONWcOu7MxnQaL_ozO6nD0CU7nHPFXZM4uxO8MWNrkwUmeJnqWbw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYat4CabGhO5YWgiImK9w==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 42ms
41ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 30294
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 21668104-b01e-0083-2e08-7c27e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb375e91574b0-MIA

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 74ms
74ms Preflight
application/json 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 20:48:19 GMT

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

GET
H2 200 1658281131098209 Show response
connect.facebook.net/signals/config/ 291 KB
91 KB 326ms
325ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1658281131098209?v=2.9.157&r=stable&domain=hr.jamff.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3007f70dea5c6e13e4b9dfdf0370dd05edb016b91ae9ac2f4138912c5122a6a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 20:48:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=65, mss=1297, tbw=63478, tp=-1, tpl=-1, uplat=269, ullat=0
pragma: public
x-fb-debug: DccDzFJnUL8rImtZV2fQOZ0GArLtn7y355kNPUImHD1j9v4NcCymX3+LGLI+YjEWsoHjJF5Hfhf9ERdhGncXQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/944830538/ 42 B
64 B 169ms
62ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944830538/?random=1718225298764&cv=11&fst=1718222400000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v872632945z8835361745za201zb835361745&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&hn=www.googleadservices.com&frm=0&tiba=Paycor%20Secure%20Access%20Employee%20Login&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLpykMOjvLYT0yAbnK5ZUCsB8iy0ohDg&random=2347777283&rmt_tld=0&ipr=y

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 20:48:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/9adb7314-bef2-4a0f-9eb2-78fe63d1bb19/ 143 KB
25 KB 167ms
167ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/90119edf-b883-42d3-b82f-97977849d151-test/9adb7314-bef2-4a0f-9eb2-78fe63d1bb19/en.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374ba02b44412645b5db18a26b6b146c8c1b3b976992fa9be64d77df2ec7e9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: AU09UGtfHv1TvIF9132x5A==
content-length: 25309
x-ms-lease-status: unlocked
last-modified: Tue, 03 Jan 2023 15:37:07 GMT
server: cloudflare
etag: 0x8DAEDA05F1F350D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 09effc6c-b01e-005d-4c09-bdb16d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892cb3773e64a69b-MIA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 177ms
177ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8423dfcc-501e-0018-3c88-bb6cfc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb3784822a69b-MIA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 62 KB
15 KB 153ms
152ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otPcCenter.json

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MDgKSvnSO+c999jgSnUf4g==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B80F4BC7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 33e5b298-901e-008d-2788-bb0dcf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb3785827a69b-MIA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 162ms
162ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 131c6dbf-f01e-009d-14de-bc3b29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892cb3785829a69b-MIA

OPTIONS
H/1.1 200
OK PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ Frame 0
0 59ms
58ms Preflight
application/json 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://hr.jamff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 12 Jun 2024 20:48:19 GMT

POST PdUccPH4
hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/ 0
0

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 41ms
40ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 4374
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
etag: 0x8DC89E041F7123F
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f038269f-601e-0093-2252-bcd722000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892cb379ce4d74b0-MIA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 41ms
41ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 20:48:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 30296
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7560aff8-801e-0011-6132-bc7672000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892cb379ce5174b0-MIA

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 68ms
68ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://hr.jamff.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:48:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4FCF555882044F69A3B5C097575195A2 Ref B: MIAEDGE2722 Ref C: 2024-06-12T20:48:19Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://hr.jamff.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYat4CfJC5gAXYf7/ioKA==

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 177ms
55ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&rl=&if=false&ts=1718225299525&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718225299524.200203752332601793&eid=ob3_plugin-set_e7b4c3996d590345cd47bb028b268b03a810a48817e260c7cbfe4175f41b4e6f&ler=empty&cdl=API_unavailable&it=1718225299051&coo=false&rqm=GET

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jun 2024 20:48:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 347ms
226ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&rl=&if=false&ts=1718225299525&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718225299524.200203752332601793&eid=ob3_plugin-set_e7b4c3996d590345cd47bb028b268b03a810a48817e260c7cbfe4175f41b4e6f&ler=empty&cdl=API_unavailable&it=1718225299051&coo=false&rqm=FGET

Requested by

Host: hr.jamff.com
URL: https://hr.jamff.com/?rid=VxSzZ1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9f63f1eedc4d5092","source_keys":["1","2"]},{"key_piece":"0x17490caa54683377","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 12 Jun 2024 20:48:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7379721468502545740", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=3092, tp=-1, tpl=-1, uplat=171, ullat=1
pragma: no-cache
x-fb-debug: z35cfeok9If613ucMY1VZRoPygWYabZeSRej0uL1zfXVX+2MOx9sezNd7YXy4T5vzpIoII/8OxRM83kVWV9HPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379721468502545740"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3 Show response
capig.paycor.com/events/ 0
315 B 208ms
65ms XHR
text/plain 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.paycor.com/events/e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:19a4:102:bffa:be21:a2b6:6b2b Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hr.jamff.com
date: Wed, 12 Jun 2024 20:48:19 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 nr-spa-1.248.0.min.js Show response
js-agent.newrelic.com/ 87 KB
29 KB 87ms
28ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.248.0.min.js

Requested by

Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Origin: https://hr.jamff.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding: br
via: 1.1 varnish
date: Wed, 12 Jun 2024 20:48:19 GMT
strict-transport-security: max-age=300
x-amz-request-id: X6MFXGDJ9KK6FCBF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29446
x-amz-id-2: Y4076pP8kjI56w61FtwlB2MXKQqUl8ZwQSidqhyGV90ebzWwSNCCApmcbW++oG3XNrgo/4ET1I7JPtmNoqUZEHVNrpbME/XCOjNACwG7fCM=
x-served-by: cache-mia-kmia1760023-MIA
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
etag: "9aea0ff91a800a354637269e96e31dac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 53406

GET
H/1.1 200
OK favicon.ico
hcm.paycor.com/authentication/ 1 KB
809 B 64ms
64ms Other
image/x-icon 104.68.246.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hcm.paycor.com/authentication/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.246.64 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-246-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 20:48:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Apr 2024 06:18:14 GMT
Server: Microsoft-IIS/10.0
ETag: "057c92ec69ada1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/x-icon
Access-Control-Expose-Headers: Request-Context
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 372
Request-Context: appId=cid-v1:efc5b693-1eec-49b9-865f-43ff43cb5488

POST
H/1.1 200 NRBR-7784dc3f05e7c9bd31b Show response
bam.nr-data.net/1/ 151 B
592 B 140ms
82ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRBR-7784dc3f05e7c9bd31b?a=1103143923&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=2486&ck=0&s=8a70d6fa83e9e38a&ref=https://hr.jamff.com/&af=err,xhr,stn,ins,spa&be=347&fe=2017&dc=556&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1718225297518,%22n%22:0,%22f%22:0,%22dn%22:39,%22dne%22:39,%22c%22:39,%22s%22:91,%22ce%22:274,%22rq%22:274,%22rp%22:348,%22rpe%22:401,%22di%22:851,%22ds%22:851,%22de%22:903,%22dc%22:2362,%22l%22:2362,%22le%22:2364%7D,%22navigation%22:%7B%7D%7D&fp=796&fcp=796
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8245a2acc3d8bc6fab8a1ee0489c79154cc63f11f21708879b9c95c11a234686

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 12 Jun 2024 20:48:20 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://hr.jamff.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://hr.jamff.com
Content-Length: 151
x-served-by: cache-mia-kmia1760098-MIA

POST
H/1.1 200 NRBR-7784dc3f05e7c9bd31b Show response
bam.nr-data.net/events/1/ 24 B
339 B 69ms
68ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRBR-7784dc3f05e7c9bd31b?a=1103143923&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=2641&ck=0&s=8a70d6fa83e9e38a&ref=https://hr.jamff.com/
Requested by: Host: hcm.paycor.com
URL: https://hcm.paycor.com/authentication/Content/Scripts/newrelic.js?v=2024-06-12T00:00:00.0000000+00:00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://hr.jamff.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 12 Jun 2024 20:48:20 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://hr.jamff.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-mia-kmia1760098-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Domain: hcm.paycor.com
URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.paycor.com/events/e3ddc3b6489d023fcc795e073199fa44641de3aac9be80d113d3ec98a545f9f3	1970-01-20 23:26:41	Name: cee Value: pWw%2B7QK1ZL9h4dJPVCyozBNMcSywWoR89AST1WXC5Ew%3D.%7B%7D
hr.jamff.com/	1969-12-31 23:59:59	Name: paycordfp Value: 90c8417bcaaad7a737bf735ee527f135
.hr.jamff.com/	1970-01-20 22:00:17	Name: clientvisitor Value: true
.jamff.com/	1970-01-20 21:18:31	Name: _uetsid Value: 1942626028fd11ef8ebcdf623be57ef9
.jamff.com/	1970-01-21 06:38:41	Name: _uetvid Value: 194264c028fd11ef9d8bed1ab3ed0a3a
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 54afdf174759984f
.bing.com/	1970-01-21 06:38:41	Name: MUID Value: 06A9D636DEB464081CCBC2AADF24657F
.bat.bing.com/	1970-01-20 21:27:10	Name: MR Value: 0
.doubleclick.net/	1970-01-20 21:17:06	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 23:26:41	Name: li_sugr Value: 6508b67d-7f91-48b7-bd42-412ea6a5e1b5
.linkedin.com/	1970-01-21 06:02:41	Name: bcookie Value: "v=2&971f5b6a-c70d-4bd0-8668-fbfe23bf5df2"
.linkedin.com/	1970-01-20 21:18:31	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3121:u=1:x=1:i=1718225298:t=1718311698:v=2:sig=AQGoTMbU2XpeVtph0OQMzZoq04GXxujY"
.linkedin.com/	1970-01-20 22:00:17	Name: UserMatchHistory Value: AQIWqkQ41frahAAAAZAONWZ9cANGT1-OHNz_8PD59znX7cKX5BkcZkfFhLuTDwx8LnvPNfjFmnQ06Q
.linkedin.com/	1970-01-20 22:00:17	Name: AnalyticsSyncHistory Value: AQLSxYy0ps0WUgAAAZAONWZ9KRH7VgOGjj5weo81Is4ZJfbyxTdhZ29Mb9WvPYDBsqXYi9TgRX7t3tXc820MyA
.www.linkedin.com/	1970-01-21 06:02:41	Name: bscookie Value: "v=1&202406122048193f876af9-b540-48aa-8c9f-4878d9aab72fAQG4cn3xPBA7vr8a12Zxut3cYT7sSY8d"
hr.jamff.com/	1970-01-21 06:02:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jun+12+2024+10%3A48%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fhr.jamff.com%2F%3Frid%3DVxSzZ1Q&groups=C0004%3A1%2CC0002%3A1%2CC0003%3A1%2CC0001%3A1
.jamff.com/	1970-01-20 23:26:41	Name: _fbp Value: fb.1.1718225299524.200203752332601793

49 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Access to XMLHttpRequest at 'https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4' from origin 'https://hr.jamff.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hcm.paycor.com/QEvpqq4V3CusreSuZA/wOOESNh4GD/d2tkKgcmAQ/dSU/PdUccPH4 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hr.jamff.com/?rid=VxSzZ1Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

999.paycor.com
bam.nr-data.net
bat.bing.com
capig.paycor.com
cdn.cookielaw.org
connect.facebook.net
d21y75miwcfqoq.cloudfront.net
geolocation.onetrust.com
googleads.g.doubleclick.net
hcm.paycor.com
hr.jamff.com
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
secure.paycor.com
snap.licdn.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
hcm.paycor.com
104.68.246.64
13.107.42.14
142.251.167.156
162.247.243.29
172.253.122.104
23.62.174.9
2600:1408:c400:26::17da:d920
2600:1f16:19a4:102:bffa:be21:a2b6:6b2b
2600:9000:2501:ac00:1b:ef38:3680:21
2602:816:5001::39
2606:4700:4400::6812:2089
2606:4700::6813:b134
2607:f8b0:4004:c19::61
2620:1ec:21::14
2620:1ec:c11::237
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
54.156.245.251
54.164.174.140
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16e31e698ad86dd88a847fabe992d98514011cd9a0cb70e3c40fb113d4b5a753
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2661f8ec50ab7261544609cd2bf6c45e78ee6f30cee9ce95bdd0c0c36969aace
2ca159c57759b309635de0477a369e1070d8c01ac8c5bdf42710da4c1ca7962c
3007f70dea5c6e13e4b9dfdf0370dd05edb016b91ae9ac2f4138912c5122a6a8
374ba02b44412645b5db18a26b6b146c8c1b3b976992fa9be64d77df2ec7e9fe
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
422d908ca79fcb614760939956fd4e8aba8fe75d78278f7fe10f43517e2afd78
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493caf2148e30a0095b0a31f596e9feac88d5c253eeeb873872f3b136b66f2cb
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
74e6013dee512f76aec90e51ae42ba3c085f398f6f72859ed38eff6f5808d831
74ef21d11efa4c6a1f4992c1dbda3466571c344e1df82decf72416f0c0e183c7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8245a2acc3d8bc6fab8a1ee0489c79154cc63f11f21708879b9c95c11a234686
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b292eb164a67595eb8b66cd8f1694b0867aab27e1b5b4b5c1dab689c6461f326
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7
c399c0d0bc5b2d6cafb63d4218e38f81ea8f15216687643e34ddf1a5c48e15f9
c8a4bc387276d281d36b78aedf2032ab26bfc65ecf6ea79691fa532e16a9d48f
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
e0be55fbf1a9afaf902f827dec31ebfa71667fe68308ce3ec35b3bdb761cae85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0366c6c336ed1e83a989b59c96b021f4901b366650eaaeb43ebad781513378
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ad6b8b82f6e9c8067edb141866f5954813a29f6e7a6bdf35186e7b09e9f758
f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f
fa054f2da53da1a415e8c707a5d7daf5932960d7e3939ae4bcf417c0d94c6aad

hr.jamff.com Open in urlscan Pro 54.164.174.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

92 %HTTPS

58 %IPv6

15 Domains

20 Subdomains

20 IPs

1 Countries

977 kBTransfer

2778 kBSize

17 Cookies

16 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hr.jamff.com Open in urlscan Pro
54.164.174.140 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

92 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

20
IPs

1
Countries

977 kB
Transfer

2778 kB
Size

17
Cookies

51 HTTP transactions
1 data transactions