employers.wirkn.com Open in urlscan Pro
3.225.156.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.wirkn.com/c/eJxsz81u5CAQBOCnwTcsaJq_gw8rjfwaqzZuxmhsGNmMRvv2qyRKTrl_Vapap-y84oEn7XzUMaK1wzalYJkREmRtc8bgXD...
Effective URL:
https://employers.wirkn.com/login
Submission: On March 20 via manual (March 20th 2023, 6:56:36 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 63 HTTP transactions. The main IP is 3.225.156.74, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is employers.wirkn.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 17th 2023. Valid for: a year.

This is the only time employers.wirkn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.102.239.211 34.102.239.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 7	3.225.156.74 3.225.156.74	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::5f65:3670	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 8	2600:9000:225... 2600:9000:225e:ca00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:8600:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:f400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:b348:8565:d835:8061	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.74 13.32.99.74	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
63	31

1 34.102.239.211 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com

email.wirkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.225.156.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-156-74.compute-1.amazonaws.com

employers.wirkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:3670 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f013:d:face:b00c:0:3 (Helsinki, Finland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:ca00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8600:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:f400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:b348:8565:d835:8061 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-74.fra60.r.cloudfront.net

tr-rc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2412 d.adroll.com — Cisco Umbrella Rank: 1215	82 KB
8	wirkn.com 2 redirects email.wirkn.com employers.wirkn.com	376 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4582 app.hubspot.com — Cisco Umbrella Rank: 5247 track.hubspot.com — Cisco Umbrella Rank: 2140	24 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6583	294 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 www.linkedin.com — Cisco Umbrella Rank: 564 px4.ads.linkedin.com — Cisco Umbrella Rank: 6243	3 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 936 trc.taboola.com — Cisco Umbrella Rank: 682 trc-events.taboola.com — Cisco Umbrella Rank: 1889	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4449 forms.hscollectedforms.net — Cisco Umbrella Rank: 4631	25 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	515 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 13669 tr-rc.lfeeder.com — Cisco Umbrella Rank: 18436	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	422 B
2	gstatic.com fonts.gstatic.com	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	146 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	15 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4451	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1981	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1977	20 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 812	370 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 692	5 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3011	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2113	938 B
63	26

	Domain	Requested by
8	s.adroll.com	2 redirects employers.wirkn.com
7	employers.wirkn.com	1 redirects employers.wirkn.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
3	app.hubspot.com	employers.wirkn.com static.hsappstatic.net
3	www.google-analytics.com	employers.wirkn.com
2	trc-events.taboola.com	employers.wirkn.com
2	track.hubspot.com
2	www.facebook.com	employers.wirkn.com
2	api.hubspot.com	employers.wirkn.com
2	region1.google-analytics.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	www.google.de	employers.wirkn.com
2	www.google.com	employers.wirkn.com
2	connect.facebook.net	employers.wirkn.com
2	stats.g.doubleclick.net	employers.wirkn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	employers.wirkn.com
1	bam.nr-data.net	employers.wirkn.com
1	js-agent.newrelic.com	employers.wirkn.com
1	tr-rc.lfeeder.com	employers.wirkn.com
1	forms.hscollectedforms.net	employers.wirkn.com
1	d.adroll.com	employers.wirkn.com
1	trc.taboola.com	employers.wirkn.com
1	js.usemessages.com	employers.wirkn.com
1	js.hscollectedforms.net	employers.wirkn.com
1	js.hs-banner.com	employers.wirkn.com
1	js.hs-analytics.net	employers.wirkn.com
1	px4.ads.linkedin.com	employers.wirkn.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	employers.wirkn.com
1	sc.lfeeder.com	employers.wirkn.com
1	cdn.taboola.com	employers.wirkn.com
1	snap.licdn.com	employers.wirkn.com
1	cdn.mxpnl.com	employers.wirkn.com
1	fonts.googleapis.com	employers.wirkn.com
1	js.hs-scripts.com	employers.wirkn.com
1	email.wirkn.com	1 redirects
63	37

This site contains no links.

Subject Issuer	Validity	Valid
*.prod4.aws.wirkn.com Amazon RSA 2048 M01	`2023-02-17` - `2024-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-28`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M01	`2023-02-28` - `2023-08-07`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://employers.wirkn.com/login
Frame ID: 7D5AC73E28BA99E85C7A9C9EBB4E9DF7
Requests: 54 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8171053/threads/utk/3fa9c8c8339d479e92af1aa6ada4753c?uuid=e5f7ee8c64d74cea908e0c0f31b0a2e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=employers.wirkn.com&inApp53=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: D856F8400863170839181CAFF8EFA342
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wirkn Employers

Page URL History Show full URLs

http://email.wirkn.com/c/eJxsz81u5CAQBOCnwTcsaJq_gw8rjfwaqzZuxmhsGNmMRvv2qyRKTrl_Vapap-y84oEn7XzUMa... HTTP 302
https://employers.wirkn.com/locations/0d81e925-c689-4623-abc8-5d8e815f99cc/interested/7e99db75-41a5-456a... HTTP 302
https://employers.wirkn.com/login Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

63
Requests

95 %
HTTPS

76 %
IPv6

26
Domains

37
Subdomains

31
IPs

6
Countries

1308 kB
Transfer

4353 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.wirkn.com/c/eJxsz81u5CAQBOCnwTcsaJq_gw8rjfwaqzZuxmhsGNmMRvv2qyRKTrl_Vapap-y84oEn7XzUMaK1wzalYJkREmRtc8bgXDaaMHGkkNnpoUygwCijo0LtjR2DdUC4BDCBo_JaoHqX81HH1I5hn7ben5cwfwTMAmY-nnv7x-c1_hgB894S9dLqJWBWa9AcwcrkQpTowEhaUpB2DRy0zTGmJGAutfPJV-dVwOw5xnXxVqImK9E6kkSIcuXFE6BndCTMvFO9C3PjKsC9-vE30fGkcq_C3Cq_a-sll68hB1W68_ntNqqV94_oQWUfzim3a6RlfZ20HVQFqtxa31t68Pl5u0-_F_4PAAD__8ftdeA HTTP 302
https://employers.wirkn.com/locations/0d81e925-c689-4623-abc8-5d8e815f99cc/interested/7e99db75-41a5-456a-aa44-deb7a247e46a?lang=en&utm_campaign=newnotificationmanager&utm_channel=email HTTP 302
https://employers.wirkn.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3615732%26time%3D1679338591453%26url%3Dhttps%253A%252F%252Femployers.wirkn.com%252Flogin%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true&e_ipv6=AQLBg3tGw4TXuQAAAYcAYVclf8c7USF9J9YOPx3lNjyZkHlHGpM8mahUN98wjcmDp0oF0LIz

Request Chain 34

https://s.adroll.com/j/exp/665GSFVBW5CT5L4CRBZADD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 35

https://s.adroll.com/j/pre/665GSFVBW5CT5L4CRBZADD/DGUNX3PV2BBSBPA6BNJFTT/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
employers.wirkn.com/
Redirect Chain

http://email.wirkn.com/c/eJxsz81u5CAQBOCnwTcsaJq_gw8rjfwaqzZuxmhsGNmMRvv2qyRKTrl_Vapap-y84oEn7XzUMaK1wzalYJkREmRtc8bgXDaaMHGkkNnpoUygwCijo0LtjR2DdUC4BDCBo_JaoHqX81HH1I5hn7ben5cwfwTMAmY-nnv7x-c1_hgB...
https://employers.wirkn.com/locations/0d81e925-c689-4623-abc8-5d8e815f99cc/interested/7e99db75-41a5-456a-aa44-deb7a247e46a?lang=en&utm_campaign=newnotificationmanager&utm_channel=email
https://employers.wirkn.com/login

36 KB
13 KB

106ms
105ms

Document
text/html

3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: 98aae6d1514239712814ac66e2578e42bbd5d97ab9b407ff9008b1368a59f787

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 20 Mar 2023 18:56:30 GMT
etag: W/"8ff4-WZ0guclexr2Gp/TntX7b/tARG2Y"
vary: Accept-Encoding

Redirect headers

content-language: en
content-length: 56
content-type: text/html; charset=utf-8
date: Mon, 20 Mar 2023 18:56:30 GMT
location: /login
vary: Accept, Accept-Encoding

GET
H2 200 style.min.css
employers.wirkn.com/media/css/ 304 KB
53 KB 102ms
101ms Stylesheet
text/css 3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://employers.wirkn.com/media/css/style.min.css
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: 678398425ec646e4d3f1378cba7328847db7e93798d0d477e06f651fa24608f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 15:52:54 GMT
etag: W/"4bfcd-186e5f96da0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 scripts.min.js Show response
employers.wirkn.com/media/js/ 822 KB
228 KB 103ms
103ms Script
application/javascript 3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://employers.wirkn.com/media/js/scripts.min.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: f31b7549a183ed866bab4dd9fbf91a4f1b3f29531e1a7fdd7c671e817e26154e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 15:52:53 GMT
etag: W/"cd61d-186e5f96a4a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 wirkn-logo.svg
employers.wirkn.com/media/images/ 3 KB
1 KB 103ms
102ms Image
image/svg+xml 3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employers.wirkn.com/media/images/wirkn-logo.svg
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: dbdad96049b5e322792b4f1f9d556bcf9d079f1af521622af1805de7de64a920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 15:41:30 GMT
etag: W/"aa0-186e5eefc10"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 wirkn-icon.png
employers.wirkn.com/media/images/ 4 KB
4 KB 101ms
101ms Image
image/png 3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employers.wirkn.com/media/images/wirkn-icon.png
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: bb403edbc77f73231ba7715d6779238813d949f2ffbcf3bee693c5dc18b6df43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
cache-control: public, max-age=0
last-modified: Wed, 15 Mar 2023 15:41:30 GMT
accept-ranges: bytes
etag: W/"fd9-186e5eefc10"
content-length: 4057
content-type: image/png

GET
H2 200 8171053.js Show response
js.hs-scripts.com/ 2 KB
938 B 417ms
386ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8171053.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4548eccf7450a074d4050887f41468c77ba03c754a773d1461b8dad9660cdb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 19 Mar 2023 09:07:58 GMT
server: cloudflare
x-hubspot-correlation-id: 34dcf7ce-239f-4405-900c-a78a79e4f84b
x-trace: 2B097239EB2BCF62C6EB0E705FE0FBF399EBD4FF53000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://employers.wirkn.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7ab02cf29d793a85-FRA
expires: Mon, 20 Mar 2023 18:57:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,300,400italic,600,700&display=swap

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/media/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ecded4594c3178c253093a6479089cc7fdfbaee37a02a30dcc570fde5cc1121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:56:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 18:56:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
67 KB 150ms
66ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7S2S3X

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fedaafb89cfc6e2066b2fcbfe7a3966730850b35ce64aa2efdfed8a62a63af7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68478
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 18:56:31 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 50ms
14ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:50:30 GMT
content-encoding: gzip
age: 361
x-guploader-uploadid: ADPycdvdm8jlEceEfQg9sfGbKGFOo9zS3-aqDnZKNJUO6pPQgiAwDp6e5pQDMr7UTvf2pKfKgaoBKbX34ZIiVP2Yce3pUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Mon, 20 Mar 2023 19:00:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 17:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 19:19:33 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 127ms
48ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,300,400italic,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employers.wirkn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 06:00:20 GMT
x-content-type-options: nosniff
age: 219371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 06:00:20 GMT

GET
H2 200 fontawesome-webfont.woff2
employers.wirkn.com/media/fonts/ 75 KB
76 KB 101ms
100ms Font
font/woff2 3.225.156.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://employers.wirkn.com/media/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/media/css/style.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.156.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-156-74.compute-1.amazonaws.com
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://employers.wirkn.com/media/css/style.min.css
Origin: https://employers.wirkn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
cache-control: public, max-age=0
last-modified: Mon, 24 Oct 2016 21:33:21 GMT
accept-ranges: bytes
etag: W/"12d68-157f89cb0e8"
content-length: 77160
content-type: font/woff2

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,300,400italic,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employers.wirkn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 412055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 00:28:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 44ms
43ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1706030209&t=pageview&_s=1&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&ul=en-us&de=UTF-8&dt=Wirkn%20Employers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=214286606&gjid=2056952615&cid=1106569235.1679338591&tid=UA-55175122-5&_gid=1694342686.1679338591&_r=1&_slc=1&z=2016189761

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55175122-5&cid=1106569235.1679338591&jid=214286606&gjid=2056952615&_gid=1694342686.1679338591&_u=IEBAAEAAAAAAACAAI~&z=1616704043

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 47ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1706030209&t=pageview&_s=1&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&ul=en-us&de=UTF-8&dt=Wirkn%20Employers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=831030396&gjid=306022852&cid=1106569235.1679338591&tid=UA-55175122-1&_gid=1694342686.1679338591&_r=1&_slc=1&gtm=45He33f0n81M7S2S3X&z=2059785308

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 54ms
6ms Script
application/x-javascript 2a02:26f0:780::5f65:3670
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3670 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=33515
accept-ranges: bytes
content-length: 4777

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1373260/ 58 KB
18 KB 139ms
115ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1373260/tfa.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4da1afd9dc099912b94c2fe3c6fff2e5594300cf62d32ab0162e89254de31b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: XoCddY5n2lMf5jxFRz_QYB_h70ZOSCqZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 18:56:31 GMT
x-amz-request-id: X5FAHNSCHXFVMX7S
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18170
x-amz-id-2: FaR0slsg+/tWfxuU/39nSC77cdzbQEGNbm7YXtHcb685yqKu5/dmszgahAS0ckvZG2Oq2Lc5Enc=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Sun, 19 Mar 2023 11:45:35 GMT
server: AmazonS3
x-timer: S1679338591.417774,VS0,VE109
etag: "bb306eaa983c2e3cefee1e1dd30da629"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 243ms
43ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Mar 2023 18:56:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wg9n6BQCDSvMoFFImFl8tPQlqdULuaMZbqyDBdfQD0JkOa75XojKSIpAQN98u2LrcZgkroNk6h1snovyDjoCrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
79 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B3QHDH8G13&l=dataLayer&cx=c

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dcedea5972b8337cf66d35656daf9e08102d5a2c2a865aff64b4cf95e135ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Mar 2023 18:56:31 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 205ms
8ms Script
text/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: XeQrim4dk9MkkbNLmy.58peQe_oovwl8
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Mon, 20 Mar 2023 18:43:18 GMT
Age: 794
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 23:45:41 GMT
Server: AmazonS3
Etag: W/"19ec07fb842a6e7506aa17575241300d"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vDWZ_YuZ0KIYl1HXnaApPk7fIb_8dgSuhpH2u9lm1jmp_biWjGwc7Q==

GET
H2 200 lftracker_v1_3P1w24dBpAz8mY5n.js Show response
sc.lfeeder.com/ 31 KB
11 KB 417ms
232ms Script
application/javascript 2600:9000:225e:8600:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_3P1w24dBpAz8mY5n.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8600:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21f72ffc3eab6e22fd417abc94887d08fb6a96d3d6abfc44d6cc85d870edafc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: DQr9z6b4vfTxdxovqI69q2EXhcZeis3o
content-encoding: gzip
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Mon, 20 Mar 2023 18:56:32 GMT
last-modified: Mon, 20 Mar 2023 08:13:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"a394c4a9d25b29d6023c03c2c77bc086"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ksUQWkjNmBZPrli2kgC4lJMGuExiOsjLOawAX5p987knjQ0KKEtdiA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 250ms
75ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55175122-5&cid=1106569235.1679338591&jid=214286606&_u=IEBAAEAAAAAAACAAI~&z=221490992

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 247ms
72ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55175122-5&cid=1106569235.1679338591&jid=214286606&_u=IEBAAEAAAAAAACAAI~&z=221490992

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55175122-1&cid=1106569235.1679338591&jid=831030396&gjid=306022852&_gid=1694342686.1679338591&_u=aEDAAEABAAAAACAAI~&z=499667837

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3615732/domain/employers.wirkn.com/ 36 B
370 B 298ms
155ms XHR
application/json 2600:9000:2251:f400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3615732/domain/employers.wirkn.com/token
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: ddw4IGMTrWGL0vK6MZWIJB295-PnzB98SpZFPIHZsNjaZ7Vvej2dDA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3615732%26time%3D1679338591453%26url%3Dhttps%253A%252F%252Femployers.wirkn.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true&e_ipv6=AQLBg3tGw4TXuQAAAYcAYVclf8c7USF9J9YOPx3lNjyZkHlHGpM8m...

0
266 B

281ms
148ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true&e_ipv6=AQLBg3tGw4TXuQAAAYcAYVclf8c7USF9J9YOPx3lNjyZkHlHGpM8mahUN98wjcmDp0oF0LIz
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D6D7E80D272F419C88DADB52C4BE5BE9 Ref B: FRAEDGE1311 Ref C: 2023-03-20T18:56:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX3WXxAyKOkBAXKcSolyQ==

Redirect headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 96A4C791A0A947A684826FF7BCC4BA5E Ref B: VIEEDGE3210 Ref C: 2023-03-20T18:56:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3615732&time=1679338591453&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&liSync=true&e_ipv6=AQLBg3tGw4TXuQAAAYcAYVclf8c7USF9J9YOPx3lNjyZkHlHGpM8mahUN98wjcmDp0oF0LIz
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX3WXw8L64E2hH3vfFAdQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 207ms
73ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55175122-1&cid=1106569235.1679338591&jid=831030396&_u=aEDAAEABAAAAACAAI~&z=1925090042

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 206ms
72ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55175122-1&cid=1106569235.1679338591&jid=831030396&_u=aEDAAEABAAAAACAAI~&z=1925090042

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 75ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B3QHDH8G13&gtm=45je33f0&_p=1706030209&cid=1106569235.1679338591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679338591&sct=1&seg=0&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&dt=Wirkn%20Employers&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3QHDH8G13&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8171053.js Show response
js.hs-analytics.net/analytics/1679338500000/ 65 KB
20 KB 541ms
493ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1679338500000/8171053.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd355cfed2a43227d5ad4ac8f93a6fa0693f13d40ba8a64c2758e1a71a85bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 7DQ5FWZRBTBYZZ05
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DWMEWDazsim+z9e0C2hkcebBM2Uw/ZDzuausTEimXak/gyQGvQewyE7ytJTd2bTZeCD2Nfc8yU=
last-modified: Thu, 02 Mar 2023 23:26:22 GMT
server: cloudflare
etag: W/"ecc1f5b53ed6dd59e2f8fd7a0950f432"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7ab02cf57b6b363d-FRA
expires: Mon, 20 Mar 2023 19:01:31 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8171053/ 208 KB
64 KB 652ms
620ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8171053/banner.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d5527817a2f0d84c85b9f2641cbe848077e7dd706587ac873dd4e5b0df8d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: ExsIpR3M3_p2KOTkN.1HYfO8HCIzeQSd
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 7DQ2KMGMGQ643P88
x-amz-server-side-encryption: AES256
x-amz-id-2: BJIjG69XYf3EhE15w7WM056l8cM12ltn87AG8GSpOwoVHGzM9l2V/ewJjWbXTjUcADQxByOhBJk=
last-modified: Fri, 10 Mar 2023 17:19:40 GMT
server: cloudflare
etag: W/"084f19f3db6bdd1bba09a9032f4afb94"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://employers.wirkn.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ab02cf5b86c37d4-FRA
expires: Mon, 20 Mar 2023 19:01:31 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 148ms
114ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c

Request headers

Referer: https://employers.wirkn.com/
Origin: https://employers.wirkn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
x-amz-version-id: UTgFLxzqgfPWpvgFow3DNbYx_N7FOQZ9
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.331/bundles/project.js&cfRay=7ab02cf5c9b339ee-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 01:24:29 UTC
server: cloudflare
etag: W/"9656224f3534bbb83c23ef97671f6be1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ab02cf5c9b339ee-FRA
x-amz-cf-id: ms2w939vAaSLTQQZmYEguyOAssYs48961eFozVJq-eIWDe3Bi2TzZA==
x-hs-target-asset: collected-forms-embed-js/static-1.331/bundles/project.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
21 KB 56ms
25ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013e9ff0376e9c4b06e720578fb91b8e886c0689294ffcf5eeb22ce8b339155c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
x-amz-version-id: GWRNAlpMGduoWCESISmkVgOy10CnwF6L
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 239
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12627/bundles/project.js&cfRay=7ab0271e6f309b52-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Mar 2023 01:11:41 UTC
server: cloudflare
etag: W/"2d53582a381a9889688fb7aecfc418ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7ab02cf61ecd5c68-FRA
x-amz-cf-id: 6PfWusx8KpFG-dCmZ0nYmWVJcDRaNAGoB7CRnXxhc2BWzItnQd6ZBA==
x-hs-target-asset: conversations-embed/static-1.12627/bundles/project.js

GET
H2 200 json Show response
trc.taboola.com/1373260/trc/3/ 2 KB
2 KB 35ms
27ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1373260/trc/3/json?tim=1679338591555&data=%7B%22id%22%3A535%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1679338591550%2C%22cv%22%3A%2220230319-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Femployers.wirkn.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-marcossekoiaca%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1679338591554%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Femployers.wirkn.com%2Flogin%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d34c33833ae740c5b0692aed47656db6518d96f01413699926cd995c7db56b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230076-FRA
server: nginx
x-timer: S1679338592.676723,VS0,VE20
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/665GSFVBW5CT5L4CRBZADD/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

14ms
9ms

Script
application/javascript

2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: vl4sIq5L75I77eKRxMdoJ1ZCUifm_NK5
Date: Mon, 20 Mar 2023 01:51:08 GMT
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Age: 71131
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 02 Mar 2023 00:16:22 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jxP18S6J494bWmOzFP2PsTQueOHrA1g2OMSSyUlmcGeGY8yZ_R-9JA==

Redirect headers

Date: Mon, 20 Mar 2023 01:01:24 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 64506
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: x62BHJP-XydvUNY_I5eNq7Js2s0JBbXOat3R5dQaW01lN8oHfRSa5g==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/665GSFVBW5CT5L4CRBZADD/DGUNX3PV2BBSBPA6BNJFTT/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

8ms
8ms

Script
application/javascript

2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sun, 19 Mar 2023 23:08:13 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 73935
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: w9Xyc2VNJZC9dUntBN_TXowkloEDhr6jtsI97AbmasHJdIsjrWfjgg==

Redirect headers

Date: Sun, 19 Mar 2023 19:26:35 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 84595
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: GGtGb2UW44Hn5jYXtazmBNHQm2xHA0AZOq4fs4PKWX7wMvyKI1p-7g==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/665GSFVBW5CT5L4CRBZADD/DGUNX3PV2BBSBPA6BNJFTT/ 4 KB
3 KB 604ms
604ms Script
text/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/665GSFVBW5CT5L4CRBZADD/DGUNX3PV2BBSBPA6BNJFTT/index.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: HYatxUr6sVZWhPdAsbuA6pNZlAI8NRiG
Content-Encoding: gzip
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Date: Mon, 20 Mar 2023 18:56:33 GMT
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 23:08:25 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 6GrVefu4WLtUFYvMVzYGoaKvocqntY04e0tdv7NTam9o78P8O-FV4A==

GET
H2 200 644561733149514 Show response
connect.facebook.net/signals/config/ 381 KB
109 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/644561733149514?v=2.9.99&r=stable

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe8bb148b9d586ad83e21ba642a895bc2b4032fcb68010de583529eaf787ae12

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Mar 2023 18:56:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NpvBSClYQurmI6UdVbB6SyIJrLhLkK3SP4X4iLAWgLzXaJxsUtlPVPYBGSEOl+qO4yfnCXrBxmxaA6akAhYmgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 665GSFVBW5CT5L4CRBZADD Show response
d.adroll.com/consent/check/ 453 B
546 B 105ms
30ms Script
application/javascript 2a05:d018:cc3:fe04:b348:8565:d835:8061
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/665GSFVBW5CT5L4CRBZADD?pv=2411495515.8657246&arrfrr=https%3A%2F%2Femployers.wirkn.com%2Flogin&_s=dfc5a0a812a2074c15b1bcfecbe06b22&_b=2
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:b348:8565:d835:8061 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 5465a67a49fc1351c2d3b4ee2dd725e35be27e371f79c9daf127f130c7ca22d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 163ms
163ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=8171053&conversations-embed=static-1.12627&mobile=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&traceId=3fa9c8c8339d479e92af1aa6ada4753c

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa885fba9fb53c1597d3d1eb5a9f1116b7de29863fc21eb05f3203089004cf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://employers.wirkn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d712031a-5ac1-4312-8b09-f5e1c42bec0e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1374
server: cloudflare
x-trace: 2BF6BCA8567639645D2DDD77EE3CBF1211BDB61FA9000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employers.wirkn.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMI9zF3CRZgnwu7BoCH5S1Q3rSuxtZ9gcWsvsHjsvd0b2AIy31BYCmexbIpaE%2BF8KAREgEBybWxG%2FKSZd%2FgYHUhm1Pt6HhMKH8%2FdDUCJ6DF1RmpzPU5aq4CRV6Tb3xfNpbK%2BYd4qJwv4JkYwUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7ab02cf739563722-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 141ms
124ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://employers.wirkn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://employers.wirkn.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ab02cf67fe73722-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 20 Mar 2023 18:56:31 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vcKEVLlgkYDPmgEd2smyAniIpE7X1rXyG4NLAwFwt%2B5WjueKR1vJrZ7LxIOP8EmsyfaImA%2FRGEO2iZGRmPRTXuwDE%2BgSdfAS28jFCi7xFOScGgFQpISK9kEwd2zOk7nWotQsVQWyfSHvOOynw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 898e8ab2-5f09-48aa-bcb9-b9c01e7a848c
x-trace: 2BA79873C3ACB82B1B286F9A2B396E262A5AFEE4B9000000000000000000

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
382 B 129ms
114ms XHR
application/json 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=8171053&utk=
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb9075ec8a58502757d719892916f710802dffdc586a0456e5fe1c687481d3f

Request headers

Accept: application/json, text/plain, */*
Referer: https://employers.wirkn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 07258722-0cd0-49a8-812b-4ee9654fa677
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employers.wirkn.com
cache-control: max-age=0
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7ab02cf6db5b39ee-FRA

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 10ms
10ms Script
application/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Mon, 20 Mar 2023 18:54:07 GMT
Age: 152
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kYsvFWIb7rn4EomfBCN3mbNWe2NMY8AR1t5aWcb2QrI-qO2FI23VfQ==

GET
H2 200 /
tr-rc.lfeeder.com/ 43 B
295 B 103ms
47ms Image
image/gif 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-rc.lfeeder.com/?sid=3P1w24dBpAz8mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU1MTc1MTIyLTUiLCJVQS01NTE3NTEyMi0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOlsiRy1CM1FIREg4RzEzIl0sImdhQ2xpZW50SWRzIjpbIjExMDY1NjkyMzUuMTY3OTMzODU5MSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjYwLjEifSwicGFnZVVybCI6Imh0dHBzOi8vZW1wbG95ZXJzLndpcmtuLmNvbS9sb2dpbiIsInBhZ2VUaXRsZSI6IldpcmtuIEVtcGxveWVycyIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiNDdjZTVmMGJiOGJiNzgzMCIsInNjcmlwdElkIjoiM1AxdzI0ZEJwQXo4bVk1biIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuMzlkN2U0Nzc2ZmEyNDRhNi4xNjc5MzM4NTkxODI4IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:31 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: kslLIRILgkmF5vhpymiJ7Pz92hbl6yN-kCOH0dEWxCg9GJr3CkO2Ew==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 11ms
11ms Image
image/png 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Sun, 19 Mar 2023 23:41:23 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 69919
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: V38nUZyPj_18K5Hh1kFDq5oDFz67AyIxgnmBJGZj0I-O57fSnnHPFA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
15ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=644561733149514&ev=PageView&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&rl=&if=false&ts=1679338591967&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22331605302139214%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22585854122477224%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1679338591966.1697746043&it=1679338591706&coo=false&rqm=GET

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Mar 2023 18:56:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 3fa9c8c8339d479e92af1aa6ada4753c Show response
app.hubspot.com/conversations-visitor/8171053/threads/utk/ Frame D856 53 KB
19 KB 222ms
198ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/8171053/threads/utk/3fa9c8c8339d479e92af1aa6ada4753c?uuid=e5f7ee8c64d74cea908e0c0f31b0a2e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=employers.wirkn.com&inApp53=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: employers.wirkn.com
URL: https://employers.wirkn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c61b87a4b7f9e3dcaa3db0e9ae4918e3e61bd68b00011359caa6af1cf2ffd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://employers.wirkn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7ab02cf87834916a-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.15081/html/index.html&cfRay=7ab02cf87834916a&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F8171053%2Fthreads%2Futk%2F3fa9c8c8339d479e92af1aa6ada4753c%3Fuuid%3De5f7ee8c64d74cea908e0c0f31b0a2e8%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Demployers.wirkn.com%26inApp53%3Dfalse%26messagesUtk%3D3fa9c8c8339d479e92af1aa6ada4753c%26url%3Dhttps%253A%252F%252Femployers.wirkn.com%252Flogin%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Femployers.wirkn.com%2F&cfenv=prod&pdt=2023-03-20&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 20 Mar 2023 18:56:32 GMT
etag: W/"ff9f02a1396463924c30ff1302c57011"
last-modified: Thu, 16 Mar 2023 01:11:41 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7ab02cf87834916a&resource=conversations-visitor-ui/static-1.15081/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-amz-cf-id: VYccwCDkryD-TL-UemmuePbudoOjUVjnoVZ4ie25h-59sono-AH2EA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 7kJNgIrAMfyhpFKVXcVLEKudRKareC_n
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15081/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.275/ Frame D856 44 KB
17 KB 33ms
15ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.275/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8171053/threads/utk/3fa9c8c8339d479e92af1aa6ada4753c?uuid=e5f7ee8c64d74cea908e0c0f31b0a2e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=employers.wirkn.com&inApp53=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9752edec2c899387503153d1551723b43fde48b8461a5d712b150880d40da9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: _fgCzuf2WzF57fSNAEh6LsPhbbn5lujM
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1725235
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Feb 2023 14:12:54 GMT
server: cloudflare
etag: W/"4b0cdd38b8ba1288f55501298927729e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3goWPXuYgkJmU2CURDHnGgjQr113IoPXKNxwnSzYgqR0TPKJLWR%2FHjniWDZFtwVcf19F3UJkGLeRcTzwVl60wkxRB6SjcgZi%2FkOrgdRf41HlzccirtpzrYRC9aZV6VETJYZUCTkot41QpZSaknL%2BjUcxIg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7ab02cf9dad29969-FRA
x-amz-cf-id: GI7pEuG9iCFxCdMpRhsX5e1B9HXLglUHCVKzlWfYlvnpGwUNiORS6A==
expires: Tue, 19 Mar 2024 18:56:32 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame D856 20 KB
4 KB 54ms
24ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1187565
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u39jUmjrxhfuLFit9HECD3vZjG7pMk9Dv%2BGi7Vvyw5GVttlfs06IBI004FnRASclMHqdMdvQUKfuK6f1BoATzds08pZjg13DrzAN4OeyGhZhLbFeRtsPktWsQdBfbKqcJMvYZNUsaeHHphtSsJ102VYgz%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7ab02cf9e96137fc-FRA
x-amz-cf-id: d7Uhiq8cXKOs0j22esb_Lp6IVq64KBABI2XrjQot4bgS3dGiDtm0qw==
expires: Tue, 19 Mar 2024 18:56:32 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.376/ Frame D856 294 KB
94 KB 34ms
17ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.376/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: a6ZTSsHVt9l6.9nsUWaYQP1mG4R5Ivop
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1215182
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 16:47:40 GMT
server: cloudflare
etag: W/"55586520536599ca305d3b7b5396a562"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV%2Bb3mqmu%2FP9n%2FQbjUt7P2EVi72HENvbKa4UJc%2FdTL1AzhXT9cZ7SFngV2gEAxTWYcgxF0as4zUe5zruH6Iqy2FwocpPm0X5LQDjERXR54HQx2wdoy4AE9zFOWG%2BJlqZ3AcfLvp%2Btvzu6QcPhv0XL0m3DhQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7ab02cf9dad49969-FRA
x-amz-cf-id: W_MdMQqLclLp5PWx6aS6k7_Te8SPnAa0YpCVBFQ5E1p67BDBVez_UQ==
expires: Tue, 19 Mar 2024 18:56:32 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15081/bundles/ Frame D856 607 KB
178 KB 41ms
23ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15081/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6959406d76b52ff3052db98848c930f59ef82f4c37041bf78931e04004423bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: 5DAJrgeshU9fkkpeIdCbjbeRPO7rqtsm
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 366280
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Mar 2023 20:59:28 GMT
server: cloudflare
etag: W/"daefbab4c2aeea7f3b504c3d0f24d318"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm9YJccBtmG1nTaklo4dFa3K49HRl%2BY9Z1nzOdcpy4FoTU8fgJeqL5LiAKcF2UPymyDznb1lDuwDtfczZTKKM%2ByUhwfA2qH9%2FmqVDPGNz1cFuzT%2FYyg2FCi%2BgZ3HO%2B3t%2BP%2F9dlXKi5gJAkOOM9c1Icqgjr4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7ab02cf9dad69969-FRA
x-amz-cf-id: kB7jmRhVfQkDjeHg18VfWjgt5uDzTFxm_xInJ-inUfUoBV3_WR8Ghg==
expires: Tue, 19 Mar 2024 18:56:32 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14996/ Frame D856 776 B
816 B 15ms
14ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14996/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15081/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-version-id: bFsI9hlKDHvsURQ_j88lekjNwl3z5qdB
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 853332
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 20:06:59 GMT
server: cloudflare
etag: W/"0a0ee213fac387634f85872a3f472d5c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twWsFFdCizrBNkU5RmZJxknSYH2oOVljQCqcdgkdUtj%2FnfdLx6w1AIqUa6n8Z2bXDe%2BlXDpGRBLlTY2quRIBAeb4UC4BemvOUP%2BkpzyfE204vO6SfduKf90sbR%2F8exkpxaFAnIUckH20fzT3ZCoD50Z7wgw%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7ab02cfadc4c9969-FRA
x-amz-cf-id: zRjlQC0yEDIn_INFJGv5JRk0fNflMSuaaXGmCgjvUX1fcoXCEIooOA==
expires: Tue, 19 Mar 2024 18:56:32 GMT

GET
H2 200 nr-spa-1194.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 37ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1194.min.js
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8834ddce6c2616d408815291510e0cdb40f167096470453cb1f507dd10f3874a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 18:56:32 GMT
x-amz-request-id: 98EHSFGWDG37XQC5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14542
x-amz-id-2: e9iJBCcnsGtzQA5JWbMrjzgZ1WYN0tIuTVSRKRdFZluOAQM53x/FU5I3Q3DAD/FY/StNezEy5hk=
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Wed, 06 Jan 2021 22:25:52 GMT
server: AmazonS3
x-timer: S1679338593.527534,VS0,VE0
etag: "358d2665ead3c6938bfd0db8a15a6ceb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 52

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
482 B 126ms
125ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=8171053&po=%2Flogin&rcu=https%3A%2F%2Femployers.wirkn.com%2F&pu=https%3A%2F%2Femployers.wirkn.com%2Flogin&t=Wirkn+Employers&cts=1679338592508&i=email%3D&vi=d272c704183f56edec8909c8df77bce7&nc=true&u=1656302.d272c704183f56edec8909c8df77bce7.1679338592504.1679338592504.1679338592504.1&b=1656302.1.1679338592505&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b5fa1fe5-585f-4424-bc0a-af73b505b9a1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPIV19Fkvi3D0PX4%2BMbJbDn1WMTTiAPtDDrc1YyqHt7GB8g4iJgMRgYS9Ol7Ws9P4VRHip6Va%2FYWS1%2BkFXA5gjoju%2BbLFZcq5YX6TiOzLnMDrMR2T6mqT1W30P6%2Bw4zW%2FhcW%2BqoXVOIpq6wOzusG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab02cfb2cba916a-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
514 B 124ms
123ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=8171053&po=%2Flogin&rcu=https%3A%2F%2Femployers.wirkn.com%2F&pu=https%3A%2F%2Femployers.wirkn.com%2Flogin&t=Wirkn+Employers&cts=1679338592509&i=email%3D&vi=d272c704183f56edec8909c8df77bce7&nc=true&u=1656302.d272c704183f56edec8909c8df77bce7.1679338592504.1679338592504.1679338592504.1&b=1656302.1.1679338592505&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f576c903-ce97-46f2-8ae6-219a37996c98
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3YeSBRQ%2FAKMTxwyDgfN%2BNKazkJNoDhcGuVrosdj3E94hFKxeEPURA3zaPQ3J7jTDEvRa9RNe3vRmU7Egqw1JhQXQwnFtCkMKtJc86A5uUOyKkiCNP%2B8sdFoqg%2F4vBWJvwD%2FiLlZ2qScBjHocn1d"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab02cfb2cbc916a-FRA
x-robots-tag: none

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame D856 0
1 KB 150ms
150ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15081

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15081/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/8171053/threads/utk/3fa9c8c8339d479e92af1aa6ada4753c?uuid=e5f7ee8c64d74cea908e0c0f31b0a2e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=employers.wirkn.com&inApp53=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6f2f995d-631d-4adf-a151-a14ea69e4ec9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mQQCdUQA%2FbXyHF6HAgsWa29yuPSFG1i%2FfHU1YIpquJIUfu%2BypXNaVHeMtTi%2FncyE4rPWLMHz0HvJpHfR%2B8mtUoyp1JWS21hPY6%2BbWOthwDdpzoQrWvyubQwtX7%2B757K3lmeDsbS9CRjLmZF%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7ab02cfb5d03916a-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1183984/ Frame D856 1 KB
1 KB 179ms
178ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1183984/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15081&conversations-visitor-ui=static-1.15081&traceId=3fa9c8c8339d479e92af1aa6ada4753c&sessionId=AMOaWbJ_EM5d7awAc1i1F-dVnn4Li5sVuAhrC7SkFNq3widKqnj1erLKMhevrMoQDFrNo8DllaxoxY_sdq5fjvKoDQLol39YTCA-310X7wZKETmJn_81URpV0ebOn-GCuRzd5-KZeQsAUijr8SREn4AbMn_BoVbXpA2Mqyp_C_QwPpiezH6SprM

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.275/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e3f2de5e2677f5712942fffef071c4e74de799a487766c455825660ccc7bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/8171053/threads/utk/3fa9c8c8339d479e92af1aa6ada4753c?uuid=e5f7ee8c64d74cea908e0c0f31b0a2e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=employers.wirkn.com&inApp53=false&messagesUtk=3fa9c8c8339d479e92af1aa6ada4753c&url=https%3A%2F%2Femployers.wirkn.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: eba06ff5-0f74-4a64-9200-46ed7d5eaff6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B6E4097574EC6079FB0741BD25BFBA8D6838C87A5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcAaqG5kS5bjJISt6DTY2vyHhqBhWXwRZAJCLexoWSzDYSTjB0o0hHyaRQGkQnmnY3K%2BdqLVwi6wngNH0Yyd66MHNtBteOxTvuEaPYpDimG6lReY4vHTE4PPcaUXPb3vuM6AWcHjG%2BgAWRG9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 7ab02cfb6d1a916a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H/1.1 402
Payment Required NRJS-72e1b4bf35738b8ac5b
bam.nr-data.net/1/ 0
0 158ms
123ms Script
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-72e1b4bf35738b8ac5b?a=831610506&sa=1&v=1194.94d5a62&t=Unnamed%20Transaction&rst=2792&ck=1&ref=https://employers.wirkn.com/login&be=1382&fe=2726&dc=1406&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679338589776,%22n%22:0,%22f%22:784,%22dn%22:784,%22dne%22:784,%22c%22:784,%22ce%22:784,%22rq%22:785,%22rp%22:890,%22rpe%22:892,%22dl%22:893,%22di%22:1405,%22ds%22:1405,%22de%22:1405,%22dc%22:2725,%22l%22:2725,%22le%22:2734%7D,%22navigation%22:%7B%7D%7D&fp=1419&fcp=1419&jsonp=NREUM.setToken
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 18:56:32 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 7ab02cfbcd4430c9-FRA
Content-Length: 2
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8

GET
H2 204 unip Show response
trc-events.taboola.com/1373260/log/3/ 0
250 B 59ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1373260/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1679338591552&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1679338593108&vi=1679338591550&ri=f63ceaebbd01968f0d5bab60d4a94591&ref=null&cv=20230319-5-RELEASE&item-url=https%3A%2F%2Femployers.wirkn.com%2Flogin
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://employers.wirkn.com
pragma: no-cache
date: Mon, 20 Mar 2023 18:56:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 15ms
15ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=644561733149514&ev=Microdata&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&rl=&if=false&ts=1679338593481&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Wirkn%20Employers%22%2C%22meta%3Adescription%22%3A%22Find%20your%20next%20employees.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679338591966.1697746043&it=1679338591706&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Mar 2023 18:56:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1373260/log/3/ 0
249 B 16ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1373260/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1679338591552&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1679338596110&vi=1679338591550&ri=f63ceaebbd01968f0d5bab60d4a94591&ref=null&cv=20230319-5-RELEASE&item-url=https%3A%2F%2Femployers.wirkn.com%2Flogin
Requested by: Host: employers.wirkn.com
URL: https://employers.wirkn.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://employers.wirkn.com
pragma: no-cache
date: Mon, 20 Mar 2023 18:56:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B3QHDH8G13&gtm=45je33f0&_p=1706030209&cid=1106569235.1679338591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1679338591&sct=1&seg=0&dl=https%3A%2F%2Femployers.wirkn.com%2Flogin&dt=Wirkn%20Employers&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3QHDH8G13&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employers.wirkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 18:56:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employers.wirkn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wirkn.com/	1970-01-20 11:12:10	Name: wirkn-session.sid Value: s%3A7PpmdYMEipUWiiRApjV4Z3DN8Glv8uYD.pU1sWS6ulW7D9ePGFSO9FTm5vMIXu7crx4sXe%2B%2F2hGQ
.wirkn.com/	1970-01-20 19:14:34	Name: mp_0af17209a33e01f50a7af28913ab092d_mixpanel Value: %7B%22distinct_id%22%3A%20%22187006153f912-04db49c118728c-1430337c-1d4c00-187006153fad2b%22%2C%22%24device_id%22%3A%20%22187006153f912-04db49c118728c-1430337c-1d4c00-187006153fad2b%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.wirkn.com/	1970-01-20 10:30:24	Name: _gid Value: GA1.2.1694342686.1679338591
.wirkn.com/	1970-01-20 10:28:58	Name: _gat Value: 1
.wirkn.com/	1970-01-20 10:28:58	Name: _gat_UA-55175122-1 Value: 1
.wirkn.com/	1970-01-20 20:04:58	Name: _ga Value: GA1.1.1106569235.1679338591
.wirkn.com/	1970-01-20 20:04:58	Name: _ga_B3QHDH8G13 Value: GS1.1.1679338591.1.0.1679338591.0.0.0
employers.wirkn.com/	1970-01-20 10:30:24	Name: ln_or Value: eyIzNjE1NzMyIjoiZCJ9
.linkedin.com/	1970-01-20 11:12:10	Name: UserMatchHistory Value: AQIfrlVgdgBeggAAAYcAYVW8ia0LWwocQuF4WNo1UbkATSlTDfMah0ItaBb6HdvX8xH_CDliuP_lJA
.linkedin.com/	1970-01-20 11:12:10	Name: AnalyticsSyncHistory Value: AQIMZD_SUGKcrwAAAYcAYVW85Qw595h-FoZPtOXxUHB-LXAqt7qovVrvzkgk1zoPVXGtBEloHUko_ZkT6L1Hcw
.linkedin.com/	1970-01-20 19:14:34	Name: bcookie Value: "v=2&479cf32a-ac33-4772-86f1-577e1c441781"
.linkedin.com/	1970-01-20 10:30:24	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2906:u=1:x=1:i=1679338591:t=1679424991:v=2:sig=AQEN6--C11TgIkWjK0sCaT3j6ewzGgLI"
.wirkn.com/	1970-01-20 20:04:58	Name: _lfa Value: LF1.1.39d7e4776fa244a6.1679338591828
.www.linkedin.com/	1970-01-20 19:14:34	Name: bscookie Value: "v=1&20230320185631ef7a99da-d256-471b-84d9-0f0a02f8e855AQHRjMu8ByH27ZC-IqN16CamBDfZuuIF"
.linkedin.com/	1970-01-20 14:48:10	Name: li_gc Value: MTswOzE2NzkzMzg1OTE7MjswMjExicAqHc+fqiAQ45rdsT0bpIwwX4AXPjJv8CS9Jm7wZQ==
.wirkn.com/	1970-01-20 12:38:34	Name: _fbp Value: fb.1.1679338591966.1697746043
.hubspot.com/	1970-01-20 10:29:00	Name: __cf_bm Value: 4.Ph3eSOLVy2OiK.C4E7Q4R1ePOz0s.FYTxlwH7xwZo-1679338592-0-Aeioa92Msksm6wmt/rvRGVeLhnLhSeVkb2BH96gTXx0svp+Ro8LCI5c3wfs+MuUMw/MCKkcQ1nzLNZJu9uv8TG0=
.wirkn.com/	1970-01-20 14:48:10	Name: __hstc Value: 1656302.d272c704183f56edec8909c8df77bce7.1679338592504.1679338592504.1679338592504.1
.wirkn.com/	1970-01-20 14:48:10	Name: hubspotutk Value: d272c704183f56edec8909c8df77bce7
.wirkn.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.wirkn.com/	1970-01-20 10:29:00	Name: __hssc Value: 1656302.1.1679338592505

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam.nr-data.net/1/NRJS-72e1b4bf35738b8ac5b?a=831610506&sa=1&v=1194.94d5a62&t=Unnamed%20Transaction&rst=2792&ck=1&ref=https://employers.wirkn.com/login&be=1382&fe=2726&dc=1406&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679338589776,%22n%22:0,%22f%22:784,%22dn%22:784,%22dne%22:784,%22c%22:784,%22ce%22:784,%22rq%22:785,%22rp%22:890,%22rpe%22:892,%22dl%22:893,%22di%22:1405,%22ds%22:1405,%22de%22:1405,%22dc%22:2725,%22l%22:2725,%22le%22:2734%7D,%22navigation%22:%7B%7D%7D&fp=1419&fcp=1419&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 402 (Payment Required)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
bam.nr-data.net
cdn.linkedin.oribi.io
cdn.mxpnl.com
cdn.taboola.com
connect.facebook.net
d.adroll.com
email.wirkn.com
employers.wirkn.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.adroll.com
sc.lfeeder.com
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
tr-rc.lfeeder.com
track.hubspot.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
13.32.99.74
141.226.228.48
151.101.1.44
151.101.130.137
162.247.241.14
2001:4860:4802:32::36
2600:1901:0:498c::
2600:9000:2251:f400:2:53b2:240:93a1
2600:9000:225e:8600:1f:f723:6fc0:93a1
2600:9000:225e:ca00:6:9280:1080:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:46b0
2606:4700::6811:82ab
2606:4700::6811:9d2
2606:4700::6811:d6cc
2606:4700::6811:eecc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:22::14
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a02:26f0:780::5f65:3670
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a05:d018:cc3:fe04:b348:8565:d835:8061
3.225.156.74
34.102.239.211
013e9ff0376e9c4b06e720578fb91b8e886c0689294ffcf5eeb22ce8b339155c
0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
0dcedea5972b8337cf66d35656daf9e08102d5a2c2a865aff64b4cf95e135ab2
19e3f2de5e2677f5712942fffef071c4e74de799a487766c455825660ccc7bfd
1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53
21f72ffc3eab6e22fd417abc94887d08fb6a96d3d6abfc44d6cc85d870edafc4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33d5527817a2f0d84c85b9f2641cbe848077e7dd706587ac873dd4e5b0df8d78
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
4da1afd9dc099912b94c2fe3c6fff2e5594300cf62d32ab0162e89254de31b04
5465a67a49fc1351c2d3b4ee2dd725e35be27e371f79c9daf127f130c7ca22d6
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c61b87a4b7f9e3dcaa3db0e9ae4918e3e61bd68b00011359caa6af1cf2ffd97
678398425ec646e4d3f1378cba7328847db7e93798d0d477e06f651fa24608f5
6959406d76b52ff3052db98848c930f59ef82f4c37041bf78931e04004423bda
6ecded4594c3178c253093a6479089cc7fdfbaee37a02a30dcc570fde5cc1121
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d34c33833ae740c5b0692aed47656db6518d96f01413699926cd995c7db56b5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8834ddce6c2616d408815291510e0cdb40f167096470453cb1f507dd10f3874a
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
98aae6d1514239712814ac66e2578e42bbd5d97ab9b407ff9008b1368a59f787
99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c
b4548eccf7450a074d4050887f41468c77ba03c754a773d1461b8dad9660cdb2
bb403edbc77f73231ba7715d6779238813d949f2ffbcf3bee693c5dc18b6df43
bbd355cfed2a43227d5ad4ac8f93a6fa0693f13d40ba8a64c2758e1a71a85bef
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dbdad96049b5e322792b4f1f9d556bcf9d079f1af521622af1805de7de64a920
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edb9075ec8a58502757d719892916f710802dffdc586a0456e5fe1c687481d3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31b7549a183ed866bab4dd9fbf91a4f1b3f29531e1a7fdd7c671e817e26154e
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f9752edec2c899387503153d1551723b43fde48b8461a5d712b150880d40da9a
fa885fba9fb53c1597d3d1eb5a9f1116b7de29863fc21eb05f3203089004cf43
fe8bb148b9d586ad83e21ba642a895bc2b4032fcb68010de583529eaf787ae12
fedaafb89cfc6e2066b2fcbfe7a3966730850b35ce64aa2efdfed8a62a63af7c

employers.wirkn.com Open in urlscan Pro 3.225.156.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

76 %IPv6

26 Domains

37 Subdomains

31 IPs

6 Countries

1308 kBTransfer

4353 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

employers.wirkn.com Open in urlscan Pro
3.225.156.74 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

76 %
IPv6

26
Domains

37
Subdomains

31
IPs

6
Countries

1308 kB
Transfer

4353 kB
Size

21
Cookies

63 HTTP transactions
0 data transactions