www.hrwest.org Open in urlscan Pro
45.33.77.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/HR_Today
Effective URL:
https://www.hrwest.org/Home
Submission: On March 23 via manual (March 23rd 2021, 3:46:59 am UTC) from NL

Summary HTTP 63 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 63 HTTP transactions. The main IP is 45.33.77.71, located in Cedar Knolls, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.hrwest.org.
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.

This is the only time www.hrwest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 15	45.33.77.71 45.33.77.71	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:710... 2a02:26f0:7100:1b5::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a04:4e42:1b:... 2a04:4e42:1b::393	54113 (FASTLY) (FASTLY)
3	2a02:26f0:710... 2a02:26f0:7100:1a7::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:710... 2a02:26f0:7100:481::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	209.126.105.171 209.126.105.171	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
9	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	23.218.208.121 23.218.208.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
1	54.74.23.153 54.74.23.153	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	54.235.211.105 54.235.211.105	14618 (AMAZON-AES) (AMAZON-AES)
63	23

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 45.33.77.71 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1023-71.members.linode.com

www.hrwest.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tools.eventpower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:1b5::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-3.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res-4.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::393 (United States)

ASN54113 (FASTLY, US)

eventpower-res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:1a7::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-5.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res-2.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:481::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.126.105.171 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor1104.startdedicated.com

devweb.hr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb70.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.218.208.121 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-121.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.28.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.23.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-23-153.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.211.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-211-105.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsb70.tawk.to	123 KB
9	cloudinary.com res-3.cloudinary.com eventpower-res.cloudinary.com res-4.cloudinary.com res-5.cloudinary.com res-2.cloudinary.com	2 MB
8	eventpower.com tools.eventpower.com	333 KB
7	hrwest.org 1 redirects www.hrwest.org	26 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	72 KB
6	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	175 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	jsdelivr.net cdn.jsdelivr.net	54 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	facebook.com www.facebook.com	405 B
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	92 KB
1	nextroll.com nextroll.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	hr.com devweb.hr.com	479 B
1	licdn.com snap.licdn.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	bit.ly 1 redirects bit.ly	340 B
63	19

	Domain	Requested by
8	tools.eventpower.com	www.hrwest.org tools.eventpower.com
7	www.hrwest.org	1 redirects www.hrwest.org
5	s.adroll.com	1 redirects www.hrwest.org s.adroll.com
5	ka-f.fontawesome.com	kit.fontawesome.com www.hrwest.org
4	fonts.googleapis.com	www.hrwest.org static-v.tawk.to
3	vsb70.tawk.to	static-v.tawk.to
3	cdn.jsdelivr.net	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
3	eventpower-res.cloudinary.com	www.hrwest.org
2	static-v.tawk.to	embed.tawk.to
2	www.facebook.com	www.hrwest.org
2	px.ads.linkedin.com	1 redirects www.hrwest.org
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.hrwest.org www.google-analytics.com
2	connect.facebook.net	www.hrwest.org connect.facebook.net
2	res-5.cloudinary.com	www.hrwest.org
2	res-4.cloudinary.com	www.hrwest.org
1	nextroll.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	embed.tawk.to	www.hrwest.org
1	devweb.hr.com	www.hrwest.org
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.hrwest.org
1	res-2.cloudinary.com	www.hrwest.org
1	cdnjs.cloudflare.com	www.hrwest.org
1	res-3.cloudinary.com	www.hrwest.org
1	kit.fontawesome.com	www.hrwest.org
1	bit.ly	1 redirects
63	29

This site contains links to these domains. Also see Links.

Domain
go.pardot.com
www.hr.com
www.kronos.com
nchra.org
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.eventpower.com

Subject Issuer	Validity	Valid
hrwest.org R3	`2021-02-05` - `2021-05-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
eventpower.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2019-12-08` - `2022-01-17`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
devweb.hr.com R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
nextroll.com R3	`2021-03-21` - `2021-06-19`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.hrwest.org/Home
Frame ID: F33714BA88E3F015F732729640E184EF
Requests: 56 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: EC6E93AFAAD526D1DE34642DA621452D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: C7A3E8FE25C067C33297C7D628528D0C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: F60756C7A234041426284EBC26DEC70E
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/168-r-cr.svg
Frame ID: 8A19F578FB4B809E156CA82EE9A26568
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/HR_Today HTTP 301
http://www.hrwest.org/Home HTTP 301
https://www.hrwest.org/Home Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

63
Requests

100 %
HTTPS

73 %
IPv6

19
Domains

29
Subdomains

23
IPs

3
Countries

3263 kB
Transfer

5063 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://go.pardot.com/l/777223/2020-02-24/4bq1cf
Title: See All Sessions

Search URL Search Domain Scan URL

URL: https://www.hr.com/en/webcasts_events/live_events/hr-west-networking-event-in-california_k5wifkkm.html
Title: Learn more here

Search URL Search Domain Scan URL

URL: http://www.kronos.com/peaceofmind

Search URL Search Domain Scan URL

URL: http://nchra.org/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/HRwestConf/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NCHRA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/next-concept-hr-association/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/HRWestConf/

Search URL Search Domain Scan URL

URL: https://www.eventpower.com/Privacy-Policy-HR-West
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/HR_Today HTTP 301
http://www.hrwest.org/Home HTTP 301
https://www.hrwest.org/Home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D547610%26time%3D1616471202445%26url%3Dhttps%253A%252F%252Fwww.hrwest.org%252FHome%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome&liSync=true

Request Chain 46

https://s.adroll.com/j/exp/5X5YYOSAS5BHTOWY6A4ISF/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 48

https://d.adroll.mgr.consensu.org/consent/iabcheck/5X5YYOSAS5BHTOWY6A4ISF?_s=1644fa311494bd00e4f987e922c19478&_b=2 HTTP 302
https://d.adroll.com/consent/check/5X5YYOSAS5BHTOWY6A4ISF/?_s=1644fa311494bd00e4f987e922c19478&_b=2

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Home Show response
www.hrwest.org/
Redirect Chain

http://bit.ly/HR_Today
http://www.hrwest.org/Home
https://www.hrwest.org/Home

19 KB
7 KB

675ms
484ms

Document
text/html

45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache / Phusion Passenger 6.0.7

Resource Hash

11124b775fabb0a9539686995706bc14fd629c8888bc4cab89a3c29335ce3949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hrwest.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: eventpower_tools_session_=ce482629e5d2e5c4b20f76f3479315bd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:41 GMT
Server: Apache
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Request-Id: 2aa9171c-d698-4b85-a43a-6287efbf809d
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.388191
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: eventpower_tools_session_=ce482629e5d2e5c4b20f76f3479315bd; path=/; expires=Fri, 02 Apr 2021 03:46:41 -0000; HttpOnly
ETag: W/"6d2fa5927310a71f6d78ff0c24bebdef"
Status: 200 OK
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Tue, 23 Mar 2021 03:46:41 GMT
Server: Apache
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Request-Id: c49841b1-3720-426b-9efc-9aa8ed3f5c5d
X-Runtime: 0.039379
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: eventpower_tools_session_=ce482629e5d2e5c4b20f76f3479315bd; path=/; expires=Fri, 02 Apr 2021 03:46:41 -0000; HttpOnly
Location: https://www.hrwest.org/Home
Status: 301 Moved Permanently
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 9 KB
892 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5a749caed0ee293e13c4d15b8820a7ee41c2435115f695dd94b0fd2e896017a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:49:55 GMT
server: ESF
date: Tue, 23 Mar 2021 03:46:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:46:41 GMT

GET
H2 200 02561ddf18.js Show response
kit.fontawesome.com/ 11 KB
4 KB 36ms
35ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/02561ddf18.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87b68b339e9ef1dbbdf7b4cf3890a452208dedc7174b209694bf9bd0068168b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.hrwest.org
Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:41 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 08feca2ff100004e6122aff000000001
x-request-id: Fm7b_l06XtT3qQ4DBdwh
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6344ac931acc4e61-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H/1.1 200
OK social-share-button-321436baeb200f9c980b90240b40232e3ba980b7b1eea34576cf57189e81b98d.css
tools.eventpower.com/assets/ 4 KB
2 KB 290ms
91ms Stylesheet
text/css 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/assets/social-share-button-321436baeb200f9c980b90240b40232e3ba980b7b1eea34576cf57189e81b98d.css

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

321436baeb200f9c980b90240b40232e3ba980b7b1eea34576cf57189e81b98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Feb 2020 04:21:34 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1413
Expires: Wed, 23 Mar 2022 03:46:42 GMT

GET
H/1.1 200
OK site.css
www.hrwest.org/website_tools/ 12 KB
3 KB 407ms
406ms Stylesheet
text/css 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrwest.org/website_tools/site.css?site_id=672

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache / Phusion Passenger 6.0.7

Resource Hash

72c9edca4ebc5a3375b59f53ceb73b69c626bd63b286a028848d9dc4484c4a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hrwest.org/Home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Transfer-Encoding: chunked
Status: 200 OK
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: daf7c7f6-b588-4e5f-8b65-4a457c1552cd
X-Runtime: 0.309580
Last-Modified: Thu, 05 Nov 2020 16:17:07 GMT
Server: Apache
ETag: "637cc1c8fb541e6b02c609a1f18bd3f7"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK page.css
www.hrwest.org/website_tools/ 6 KB
2 KB 545ms
364ms Stylesheet
text/css 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hrwest.org/website_tools/page.css?page_id=22608

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache / Phusion Passenger 6.0.7

Resource Hash

ba22f6b65bf049816f8234e13fbd5b0075f4b0068def4ac44a562474263db427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hrwest.org/Home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Transfer-Encoding: chunked
Status: 200 OK
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: 960de5c0-e5b6-4179-87e1-75ecb9bf8a96
X-Runtime: 0.257643
Last-Modified: Fri, 19 Feb 2021 17:44:02 GMT
Server: Apache
ETag: "3b2df812361104f0d7e8c4c882c6ef90"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK application-41a4b177ce9d81e12ecac19b9d558a34fe51d559d85777225cd0c8476211bb30.js Show response
tools.eventpower.com/assets/ 466 KB
141 KB 298ms
100ms Script
application/javascript 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/assets/application-41a4b177ce9d81e12ecac19b9d558a34fe51d559d85777225cd0c8476211bb30.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

41a4b177ce9d81e12ecac19b9d558a34fe51d559d85777225cd0c8476211bb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 15:36:40 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 23 Mar 2022 03:46:42 GMT

GET
H/1.1 200
OK spinners-e6bf1d034e29fd18bbde6e0b7ed6bbe13f4adc4325dd8be32a342e67cc4cc039.js Show response
tools.eventpower.com/assets/ 8 KB
3 KB 290ms
92ms Script
application/javascript 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/assets/spinners-e6bf1d034e29fd18bbde6e0b7ed6bbe13f4adc4325dd8be32a342e67cc4cc039.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

e6bf1d034e29fd18bbde6e0b7ed6bbe13f4adc4325dd8be32a342e67cc4cc039

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Jul 2017 13:32:31 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2708
Expires: Wed, 23 Mar 2022 03:46:42 GMT

GET
H/1.1 200
OK jquery.lightview-9ff977e604879cf3f125ce005e7a820fde550dd80fdb84e9001d317cc7fcea3d.js Show response
tools.eventpower.com/assets/ 46 KB
21 KB 298ms
97ms Script
application/javascript 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/assets/jquery.lightview-9ff977e604879cf3f125ce005e7a820fde550dd80fdb84e9001d317cc7fcea3d.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

9ff977e604879cf3f125ce005e7a820fde550dd80fdb84e9001d317cc7fcea3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Jul 2017 13:32:31 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20570
Expires: Wed, 23 Mar 2022 03:46:42 GMT

GET
H/1.1 200
OK jquery.lightview-2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c.css
tools.eventpower.com/assets/ 15 KB
3 KB 289ms
92ms Stylesheet
text/css 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/assets/jquery.lightview-2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c.css

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 01:59:09 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2891
Expires: Wed, 23 Mar 2022 03:46:42 GMT

GET
H/1.1 200
OK 20NCHRA-HRWEST_web_1000_d4fde73a57b2d4785d66a6d9dfb2fecc.png
tools.eventpower.com/paperclip/20NCHRA-HRWEST/banner_Primary_Show_Banner/ 160 KB
161 KB 97ms
94ms Image
image/png 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tools.eventpower.com/paperclip/20NCHRA-HRWEST/banner_Primary_Show_Banner/20NCHRA-HRWEST_web_1000_d4fde73a57b2d4785d66a6d9dfb2fecc.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

92c24570ff956696a4f7ae4920326726b2c6eee7e3ecdd7b1b26f22bd53f5ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Last-Modified: Fri, 27 Sep 2019 00:27:55 GMT
Server: Apache
ETag: "28184-5937df51a9255"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 164228

GET
H2 200 HR_West_Logo_powered_by_hrdotcom_.png
res-3.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/snefqocojo5kimbz0b8q/ 55 KB
55 KB 57ms
34ms Image
image/png 2a02:26f0:7100:1b5::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-3.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/snefqocojo5kimbz0b8q/HR_West_Logo_powered_by_hrdotcom_.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1b5::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e6f2ed91a4e9c473d99e032a0adf1707daf3c68148954600ae432e25737eeb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 02:14:48 GMT
server: Cloudinary
etag: "09c9d4d86328b3467634c41a235455d5"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=28;start=2021-03-23T03:46:42.347Z;desc=miss,rtt;dur=5,cloudinary;dur=78;start=2021-03-21T15:12:42.425Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 55994

GET
H2 200 av7nvgqjen4tohuoeqjd.png
eventpower-res.cloudinary.com/image/upload/c_fit,h_900,w_1920/v1/web_assets/20nchra-hrwest/ 297 KB
297 KB 42ms
12ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eventpower-res.cloudinary.com/image/upload/c_fit,h_900,w_1920/v1/web_assets/20nchra-hrwest/av7nvgqjen4tohuoeqjd.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bf8ff83914756acbba3cf436d89650c458a624cba9298f26535e698ff38e1f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 18:06:57 GMT
server: Cloudinary
etag: "f64c1c11df68a51fce08dc36f0f6d241"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2021-03-23T03:46:42.355Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 303976

GET
H2 200 cffi8jch8mhcqmavpvp1.png
eventpower-res.cloudinary.com/image/upload/c_fit,h_57,w_200/v1/web_assets/20nchra-hrwest/ 4 KB
4 KB 37ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eventpower-res.cloudinary.com/image/upload/c_fit,h_57,w_200/v1/web_assets/20nchra-hrwest/cffi8jch8mhcqmavpvp1.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e34137d5c29a13d5ab366f3d1f4ccdb72923238fa00e5ae0f936c9c1116bed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Oct 2019 14:29:20 GMT
server: Cloudinary
etag: "1d0d881275b1f41841ac00fef0f9b2b7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-23T03:46:42.355Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4161

GET
H/1.1 200
OK original_jquery.countdown.min.js Show response
tools.eventpower.com/paperclip/web_asset/1851/ 1 KB
1 KB 92ms
92ms Script
application/javascript 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eventpower.com/paperclip/web_asset/1851/original_jquery.countdown.min.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache /

Resource Hash

768c23da86c524bab0d47764f914292d69923cfbaaef39a59a4c3ff0cbfbb9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2015 20:07:47 GMT
Server: Apache
ETag: "4ee-5161048030ac0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 636

GET
H2 200 tfuukep815ereykoisga.png
eventpower-res.cloudinary.com/image/upload/c_fit,h_239,w_884/v1/web_assets/20nchra-hrwest/ 31 KB
32 KB 37ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eventpower-res.cloudinary.com/image/upload/c_fit,h_239,w_884/v1/web_assets/20nchra-hrwest/tfuukep815ereykoisga.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e730e08f968612e7b70fc2f832b04b4ee41570bc2e7aeded1195d596ba9e3989

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Nov 2019 01:03:39 GMT
server: Cloudinary
etag: "2a604fc7bdf19ff1f21d9392976215a2"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-23T03:46:42.355Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 32103

GET
H2 200 About_HR_West_Graphic.png
res-4.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/gmrzhpjzv2lv3ziv0bwk/ 589 KB
591 KB 54ms
31ms Image
image/png 2a02:26f0:7100:1b5::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-4.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/gmrzhpjzv2lv3ziv0bwk/About_HR_West_Graphic.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1b5::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

1207e5cda03d2de99c7c9178b95567d68583d89162fa9e8e57ebf309e9fb8c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Nov 2019 14:34:36 GMT
server: Cloudinary
etag: "01f4b8955517718552c4e24f90017e48"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=23;start=2021-03-23T03:46:42.348Z;desc=hit-near,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 602829

GET
H2 200 About_HR_West_Graphic_mobile_.png
res-4.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/eoseqemx3wsguhd0fkpr/ 447 KB
449 KB 70ms
48ms Image
image/png 2a02:26f0:7100:1b5::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-4.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/eoseqemx3wsguhd0fkpr/About_HR_West_Graphic_mobile_.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1b5::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

b4f00f7021a18873fc93b5e5b37a61e961840350eda24bb08ecd6e14bf075469

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Nov 2019 14:57:03 GMT
server: Cloudinary
etag: "ea0f43215424f0e2d8e26a3692f3b9d4"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=23;start=2021-03-23T03:46:42.351Z;desc=miss,rtt;dur=5,cloudinary;dur=84;start=2021-03-16T08:49:20.175Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 458210

GET
H2 200 Why_Attend_Graphic.png
res-5.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/dlifeb5c0zbj43gbm2j0/ 488 KB
490 KB 32ms
10ms Image
image/png 2a02:26f0:7100:1a7::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-5.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/dlifeb5c0zbj43gbm2j0/Why_Attend_Graphic.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1a7::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e7065ad74a1ed60d375daa5dbcd0a4b6dd19db35aa7d274c5700f45cb6bd605d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Nov 2019 14:34:49 GMT
server: Cloudinary
etag: "aef8a9fd278c3d5823b53b698abf172e"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=5;start=2021-03-23T03:46:42.347Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 500044

GET
H2 200 Why_Attend_Graphic_mobile_.png
res-5.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/fblxb8imvuzox3isrzvg/ 368 KB
369 KB 29ms
28ms Image
image/png 2a02:26f0:7100:1a7::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-5.cloudinary.com/eventpower/images/v1/web_assets/20nchra-hrwest/fblxb8imvuzox3isrzvg/Why_Attend_Graphic_mobile_.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1a7::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a743ac642217076dd55740abc86ca0c904c2dc074ce43adc2ea2292c6ef9917b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Nov 2019 14:57:19 GMT
server: Cloudinary
etag: "5a88764842fc24dfe53b86b45e350ca4"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=23;start=2021-03-23T03:46:42.354Z;desc=hit-near,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 376891

GET
H2 200 jquery.bxslider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/ 24 KB
6 KB 30ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/jquery.bxslider.min.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 18046
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5599
cf-request-id: 08feca322200001756f437a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-5ebc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g7p2hzRTp5fMG4OX5fq2yKE51GuR6E5MYtiVxw786RUTZcvfMoi%2F7sst5iINTm9hvyLsW9Mi19hhju4c4ucn%2Bicw9azcEWBhb1sw9ZC1QvQDmgq%2FJemYwVXsUWmJahhT5A%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6344ac9698cd1756-FRA
expires: Sun, 13 Mar 2022 03:46:42 GMT

GET
H2 200 NCHRA_Logo_updated_.png
res-2.cloudinary.com/eventpower/images/v1/web_assets/19nchra-tech/nr5ysgj6npqmfmb3yqdk/ 38 KB
39 KB 30ms
28ms Image
image/png 2a02:26f0:7100:1a7::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-2.cloudinary.com/eventpower/images/v1/web_assets/19nchra-tech/nr5ysgj6npqmfmb3yqdk/NCHRA_Logo_updated_.png

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:1a7::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e6110256dac20cff9e620efc8eb6c4be2bc90c5361c1b9c77f2ccc69da48f2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jun 2019 13:55:13 GMT
server: Cloudinary
etag: "70c24f1a0dd2267fdfaf061d8bcca2cf"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: akam;dur=20;start=2021-03-23T03:46:42.358Z;desc=miss,rtt;dur=5,cloudinary;dur=59;start=2021-03-22T16:30:08.019Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 39211

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: bFLZCQWk6NWK8kI0zMTS0ERV7r4O/m68+xWm8r/v0q6NTZ4KV982xpH5p7ptsmpXNsd0x5TEefGHICXkySVilw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 23 Mar 2021 03:46:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 31ms
6ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/Home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10861
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 40ms
24ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=02561ddf18
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/02561ddf18.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:41 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca302600004a918db4f000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OBPyj27fnKKSAz8S94ZY1GgempCswlcno%2Bovyic1neU4PXe0%2B9NbNQm1pCgS1oeRsp3rs8znZX3nz6wujL1LMTn%2B58fsPd1vNdzsbXuxWJk8u3Spt9Qm4TpOzq73N8oHfQ%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6344ac93798a4a91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: brlh25biCGiuFbSiAXBerA0GQXqeqSgGILa3pOWCXJ06s2fm7A20hA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
4 KB 43ms
28ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=02561ddf18
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/02561ddf18.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:41 GMT
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca302600004a9195014000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4M4CflJHMPkwJc2xt0FAfvFdpWPjsgcLXCElRnlDiB4x95k%2BEPwzdZgdM9nW6iZF429Re7c9Jf4IOdtme%2F28TxbxVOMFgDPjSFTgmHzynOUqYxImmIaeydiBxWbc8fnGDw%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6344ac93798b4a91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3SXTALeJY8U-tSGYtu_732eoMWoRZ_bRhxtw__w3uHUa9fDShKagGQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
1 KB 46ms
31ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=02561ddf18
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/02561ddf18.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:41 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca302700004a916eace000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AfhvLg%2BuiMY97t3L3Fh43rxy1ZU7mOn2fZ6mcJhC96sLXA20WuXn6rJ%2FdP5J0UEHl05N%2BYkgw1BZ6b%2BH7X%2BwK%2F1PufyU5xWkxzVzbi60fX0FRFvgdFwlWJepN8HzHS6xhQ%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6344ac93798d4a91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: TWkKUa-AiO01YXPI4E33tsIYaz4TM4XnbCEV-w2SS46pj-jA8YO6dg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6247
date: Tue, 23 Mar 2021 02:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 04:02:35 GMT

GET
H/1.1 200
OK original_caret.png
www.hrwest.org/paperclip/web_asset/1649/ 1001 B
1 KB 93ms
90ms Image
image/png 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrwest.org/paperclip/web_asset/1649/original_caret.png
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/website_tools/site.css?site_id=672
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1023-71.members.linode.com
Software: Apache /
Resource Hash: 3cd0c27a31c44ab390a74856ac8d9eb86ff5e448e2c75843e4ccbf3a0885fa57

Request headers

Referer: https://www.hrwest.org/website_tools/site.css?site_id=672
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Last-Modified: Tue, 17 Mar 2015 02:09:35 GMT
Server: Apache
ETag: "3e9-511727545b5c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1001

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrwest.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 438153
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 55ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hrwest.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 34270
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:15:32 GMT

GET
H2 200 747170565434233 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 234ms
233ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/747170565434233?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1ce257f6f75db41e48bcc9c21ae9cedce20c102f2b998db0eb3e3f8c1043bc5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Xs6es7TZrguPyJK5j5LN09YFTc/RUlw4gMTxnQW23K89qmLNbR/Bbk/9S4H8WEIheiNCjRDJxZ2kK2PfM+UXcQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 03:46:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D547610%26time%3D1616471202445%26url%3Dhttps%253A%252F%252Fwww.hrwest.org%252FHome...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome&liSync=true

0
80 B

171ms
170ms

Image
application/javascript

2620:119:50e3:101::6cae:b45
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome&liSync=true
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/Home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: zKsVr/7bbhZQzQtLDisAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: ui46p/7bbhaQ6PCM5CoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 645008E5F78F4D31B9E11C65E8869114 Ref B: FRAEDGE1108 Ref C: 2021-03-23T03:46:43Z
date: Tue, 23 Mar 2021 03:46:42 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=547610&time=1616471202445&url=https%3A%2F%2Fwww.hrwest.org%2FHome&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
126 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1066108479&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrwest.org%2FHome&ul=en-us&de=UTF-8&dt=HR%20West%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1720837396&gjid=454948228&cid=2134308502.1616471202&tid=UA-126289305-1&_gid=1600476032.1616471202&_r=1&_slc=1&z=2018558562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:46:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hrwest.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
76 KB 21ms
20ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/Home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ccf1652fc1d765e8baae449dfe64d9a4c826da326c03085eb8603a17a7e175d

Request headers

Origin: https://www.hrwest.org
Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76732
cf-request-id: 08feca32a900004a916401e000000001
last-modified: Wed, 17 Mar 2021 02:28:17 GMT
server: cloudflare
etag: "f226ebb9ea1cc388279081a65b6a7bb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QhaoNt1jvD0OlWTetuWenizwYy32sGJqJfUMqe8gsUxyHIW76T%2BdmzIFy7qIeZLPXJ%2Bl5RfYF4I5nEzh3IXEWx3jCXL3KnRGGrvFdevv9ds5QarfoHoXKdTezxRUPJF8ag%3D%3D"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6344ac977daf4a91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: u84tt7_dRoHSFQztulAl_xT2eeAz3ajKz6YLNm2U5dLzowB_5qm-9A==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 13ms
13ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/Home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b

Request headers

Origin: https://www.hrwest.org
Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78212
cf-request-id: 08feca32a900004a91b6259000000001
last-modified: Wed, 17 Mar 2021 02:28:18 GMT
server: cloudflare
etag: "4e463cfb29c596ba3bb8b0c2469914e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=crfxpUFOvvxzV%2FxU%2FoPpt8fPiKLWsRlPq3FmxRsjnlS8oLz502fhtvsREZ83mRoKMCJS1sn9lyV%2FinHVxynB9LKjUhpVuq8UqmGIFgoG52%2BJ1%2Ba4VmCHnzO%2FPFrSIVMfJw%3D%3D"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6344ac977db04a91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3aSv1i0ugNM7qZN8XA72dq-Zthht7OyyqkhSD5XVBc7-zzIPGJSHvw==

GET
H/1.1 200
OK pixel.gif
devweb.hr.com/console/track/ 43 B
479 B 633ms
127ms Image
image/gif 209.126.105.171
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://devweb.hr.com/console/track/pixel.gif?url=https%3A%2F%2Fwww.hrwest.org%2FHome

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.126.105.171 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

condor1104.startdedicated.com

Software

nginx + Phusion Passenger 6.0.4 / Express, Phusion Passenger 6.0.4

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:43 GMT
Server: nginx + Phusion Passenger 6.0.4
X-Powered-By: Express, Phusion Passenger 6.0.4
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Status: 200 OK
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 43

GET
H2 200 default Show response
embed.tawk.to/5e46f73ba89cda5a188609ea/ 11 KB
4 KB 33ms
16ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5e46f73ba89cda5a188609ea/default

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

628f8314fda3f97ab2a658ee25901eb1dc06359d67b43e10f94f3994383aa029

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.hrwest.org
Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3553
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca32ce00002bf2b0239000000001
server: cloudflare
etag: W/"stable-v3-709-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=3600
cf-ray: 6344ac97bd9d2bf2-FRA

GET
H/1.1 404
Not Found blank-b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b.gif
tools.eventpower.com//tools.eventpower.com/assets/lightview/ 2 KB
2 KB 112ms
112ms Image
image/gif 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tools.eventpower.com//tools.eventpower.com/assets/lightview/blank-b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b.gif

Requested by

Host: tools.eventpower.com
URL: https://tools.eventpower.com/assets/jquery.lightview-2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1023-71.members.linode.com

Software

Apache / Phusion Passenger 6.0.7

Resource Hash

03c8667f2279328f78f3600751e23bc393098ccb00adf51ccf6d5fd6fb2ec482

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.eventpower.com/assets/jquery.lightview-2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Transfer-Encoding: chunked
Status: 404 Not Found
Connection: Keep-Alive
Vary: Accept-Encoding
Access-Control-Request-Method: *
X-Request-Id: a07626d1-4872-45f1-bdb6-20d7e9ea84b4
X-Runtime: 0.018815
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Server: Apache
x-frame-options: ALLOWALL
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK original_bx_loader.gif
www.hrwest.org/paperclip/web_asset/2951/ 8 KB
9 KB 90ms
90ms Image
image/gif 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrwest.org/paperclip/web_asset/2951/original_bx_loader.gif
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/website_tools/site.css?site_id=672
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1023-71.members.linode.com
Software: Apache /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Referer: https://www.hrwest.org/website_tools/site.css?site_id=672
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Last-Modified: Tue, 08 Dec 2015 18:08:11 GMT
Server: Apache
ETag: "2185-52666db570fc3"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8581

GET
H/1.1 200
OK original_controls.png
www.hrwest.org/paperclip/web_asset/2941/ 3 KB
3 KB 94ms
94ms Image
image/png 45.33.77.71
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrwest.org/paperclip/web_asset/2941/original_controls.png
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/website_tools/site.css?site_id=672
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.77.71 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1023-71.members.linode.com
Software: Apache /
Resource Hash: 257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226

Request headers

Referer: https://www.hrwest.org/website_tools/site.css?site_id=672
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:42 GMT
Last-Modified: Tue, 08 Dec 2015 18:07:59 GMT
Server: Apache
ETag: "af6-52666da912909"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2806

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747170565434233&ev=PageView&dl=https%3A%2F%2Fwww.hrwest.org%2FHome&rl=&if=false&ts=1616471202687&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616471202686.733737922&it=1616471202429&coo=false&rqm=GET

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 03:46:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747170565434233&ev=Microdata&dl=https%3A%2F%2Fwww.hrwest.org%2FHome&rl=&if=false&ts=1616471203191&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HR%20West%202020%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22HR%20West%20Conference%20%7C%20March%209-11%2C%202020%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fres-3.cloudinary.com%2Feventpower%2Fimages%2Fv1%2Fweb_assets%2F20nchra-hrwest%2Fxhxckxdwm9vf9rgqoyln%2FSocial_Media_Graphic.png%22%2C%22og%3Adescription%22%3A%22The%20HR%20West%20Conference%20shapes%20the%20future%20of%20HR%20together%20with%20the%20HR%20community.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hrwest.org%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616471202686.733737922&it=1616471202429&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.hrwest.org
URL: https://www.hrwest.org/Home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 03:46:43 GMT

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
111 KB 30ms
29ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e46f73ba89cda5a188609ea/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.hrwest.org
Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29381
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca35d700002bf2c5aa0000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6344ac9c88cc2bf2-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 14ms
12ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5e46f73ba89cda5a188609ea&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a919b2b7bd853b669e274da63d779eab046f40d85abeff1a0456174ae3cf2811

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3553
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca361300002bf220b20000000001
x-served-by: visitor-application-preemptive-hwpz
server: cloudflare
etag: W/"1-2-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 6344ac9ce9122bf2-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 95ms
46ms Script
text/javascript 23.218.208.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.hrwest.org
URL: https://www.hrwest.org/Home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3af3107c28f09b96f740aa5adeaccb35c0b2c68e5ec96302c908e12abdf29307

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1oocf1uJYNAGnrYAAtPutY1Fw5gtF4.O
Content-Encoding: gzip
ETag: "c02d58b39195634517b05a7b6b5218ec"
x-amz-request-id: QVP18K4H4XA1QT8X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12915
x-amz-id-2: uQFHz8Es+qLmZidqpIreG3cUDGdeKqtZTTkemqz+7IFbceEXdw118a1NTX46R94s5tLmAcHPZn8=
Last-Modified: Wed, 17 Mar 2021 19:48:00 GMT
Server: AmazonS3
Date: Tue, 23 Mar 2021 03:46:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

POST
H2 200 1616471203350 Show response
va.tawk.to/register/ 1 KB
2 KB 211ms
196ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1616471203350

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00debb60e5f2a727502b6d6205c6d559cf03038fd675f351ea9019132c4fcb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca362800002ba178b6a000000001
x-served-by: visitor-application-preemptive-hwpz
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.hrwest.org
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6344ac9d0ef02ba1-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/5X5YYOSAS5BHTOWY6A4ISF/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

23ms
23ms

Script
application/javascript

23.218.208.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Tue, 23 Mar 2021 03:46:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 23 Mar 2021 03:46:43 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/5X5YYOSAS5BHTOWY6A4ISF/2BETTGHWMJFWVJYCSX7R22/ 4 KB
2 KB 70ms
26ms Script
text/javascript 23.218.208.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/5X5YYOSAS5BHTOWY6A4ISF/2BETTGHWMJFWVJYCSX7R22/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PdilE9qEx_b6sGufrmGqaFureZa3gfSt
Content-Encoding: gzip
ETag: "33ed216ef4569e95a97e55fb39d91d38"
x-amz-request-id: HX34YGSTMQ8HRYD0
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1800
x-amz-id-2: +42ZlQREAa1miDwASL/BIug8jvldwXSx6dchvxnZZVyEgt72/Wx1sjuETipS8yE/LS6meqBF/Xo=
Last-Modified: Mon, 22 Mar 2021 16:46:37 GMT
Server: AmazonS3
Date: Tue, 23 Mar 2021 03:46:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/5X5YYOSAS5BHTOWY6A4ISF/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/5X5YYOSAS5BHTOWY6A4ISF?_s=1644fa311494bd00e4f987e922c19478&_b=2
https://d.adroll.com/consent/check/5X5YYOSAS5BHTOWY6A4ISF/?_s=1644fa311494bd00e4f987e922c19478&_b=2

385 B
478 B

108ms
36ms

Script
application/javascript

54.74.23.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5X5YYOSAS5BHTOWY6A4ISF/?_s=1644fa311494bd00e4f987e922c19478&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.23.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-23-153.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 0f61df4537a404351064f88e7df5626a7b21e6e641bace4ea7786055ed74a147

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/5X5YYOSAS5BHTOWY6A4ISF/?_s=1644fa311494bd00e4f987e922c19478&_b=2
date: Tue, 23 Mar 2021 03:46:43 GMT
server: nginx/1.18.0
content-length: 105

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EC6E 7 KB
643 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 03:39:45 GMT
server: ESF
date: Tue, 23 Mar 2021 03:46:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:46:43 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C7A3 7 KB
597 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 03:41:19 GMT
server: ESF
date: Tue, 23 Mar 2021 03:46:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:46:43 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F607 7 KB
597 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:47:06 GMT
server: ESF
date: Tue, 23 Mar 2021 03:46:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:46:43 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame F607 192 B
512 B 22ms
6ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3559654
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19153-FRA, cache-hhn4025-HHN
date: Tue, 23 Mar 2021 03:46:43 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame F607 295 KB
53 KB 22ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3559655
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19161-FRA, cache-hhn4025-HHN
date: Tue, 23 Mar 2021 03:46:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsb70.tawk.to/s/ 101 B
227 B 668ms
659ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsb70.tawk.to/s/?k=605964a3eb6b714e1b7c03a2&u=ODiGbsEPpUcEy%2Bv5wW%2F3wLDmIEBmlKC3qowME84OBwdHtm2qzj6cyS6qsYqyL8J9&uv=2&a=5e46f73ba89cda5a188609ea&cver=0&pop=false&jv=709&asver=142&ust=false&EIO=3&transport=polling&__t=NXTCHyQ

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069faa17d7a0a03b28efb4453b9b367ce86b7ab849cbe683b6947c0c9e4db03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrwest.org
access-control-allow-credentials: true
cf-ray: 6344ac9eaffb2ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 08feca372500002ba178b72000000001

GET
H2 200 168-r-cr.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 8A19 22 KB
6 KB 13ms
13ms Image
image/svg+xml 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-v.tawk.to/a-v3/images/bubbles/168-r-cr.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e86e8012c22c2c694094eb82ba35afefb2957b018771c4dc0d3c7ab97038984b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2075169
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca371e00002ba17c357000000001
last-modified: Fri, 15 Jan 2021 12:12:39 GMT
server: cloudflare
etag: W/"4b11a33d04b54c144c07642203b82276"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6344ac9e9ff62ba1-FRA

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame F607 413 B
546 B 10ms
7ms Image
image/png 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 3559653
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19122-FRA, cache-hhn4025-HHN
date: Tue, 23 Mar 2021 03:46:43 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
55 KB 29ms
28ms Script
application/javascript 23.218.208.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: 9C0A466D5B644741
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55575
x-amz-id-2: RKvpIdckCIUfU1lGu4A9Vc4434+rKFeY6PhXnAc0s4O7wCj+IxmfMnCnJnqRhSwxJEODB4ztDYM=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Tue, 23 Mar 2021 03:46:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 321ms
106ms Image
image/png 54.235.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-211-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:46:44 GMT
Via: 1.1 vegur
Last-Modified: Thu, 18 Mar 2021 18:08:30 GMT
Server: Apache
Etag: "64f-5bdd37c9d8380"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

GET
H2 200 / Show response
vsb70.tawk.to/s/ 77 B
266 B 659ms
659ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9d3257d2e69bc8e10d10024ff4492616ca6471d8f8be585dc7ab4733b2343b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrwest.org
access-control-allow-credentials: true
cf-ray: 6344aca2cb172ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 08feca39bc00002ba14788f000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
165 B 172ms
172ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Mar 2021 03:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feca3c5000002ba188256000000001
x-served-by: visitor-application-preemptive-cpnx
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hrwest.org
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6344aca6eda42ba1-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 / Show response
vsb70.tawk.to/s/ 4 B
89 B 677ms
677ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrwest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.hrwest.org
access-control-allow-credentials: true
cf-ray: 6344aca6eda62ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 08feca3c5100002ba153b66000000001

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hrwest.org/	1970-01-19 17:01:11	Name: _gat Value: 1
.hrwest.org/	1970-01-19 17:02:37	Name: _gid Value: GA1.2.1600476032.1616471202
.hrwest.org/	1970-01-20 10:32:23	Name: _ga Value: GA1.2.2134308502.1616471202
.hrwest.org/	1970-01-19 19:10:47	Name: _fbp Value: fb.1.1616471202686.733737922
www.hrwest.org/	1970-01-19 17:15:35	Name: eventpower_tools_session_ Value: ce482629e5d2e5c4b20f76f3479315bd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
devweb.hr.com
embed.tawk.to
eventpower-res.cloudinary.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
nextroll.com
px.ads.linkedin.com
res-2.cloudinary.com
res-3.cloudinary.com
res-4.cloudinary.com
res-5.cloudinary.com
s.adroll.com
snap.licdn.com
static-v.tawk.to
tools.eventpower.com
va.tawk.to
vsb70.tawk.to
www.facebook.com
www.google-analytics.com
www.hrwest.org
www.linkedin.com
209.126.105.171
23.218.208.121
2606:4700:10::6816:1983
2606:4700::6810:135e
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:829::200a
2a02:26f0:7100:1a7::523
2a02:26f0:7100:1b5::523
2a02:26f0:7100:481::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::393
2a04:4e42:1b::621
3.248.28.111
45.33.77.71
54.235.211.105
54.74.23.153
67.199.248.10
00debb60e5f2a727502b6d6205c6d559cf03038fd675f351ea9019132c4fcb02
03c8667f2279328f78f3600751e23bc393098ccb00adf51ccf6d5fd6fb2ec482
065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b
069faa17d7a0a03b28efb4453b9b367ce86b7ab849cbe683b6947c0c9e4db03e
0c9d3257d2e69bc8e10d10024ff4492616ca6471d8f8be585dc7ab4733b2343b
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f61df4537a404351064f88e7df5626a7b21e6e641bace4ea7786055ed74a147
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11124b775fabb0a9539686995706bc14fd629c8888bc4cab89a3c29335ce3949
1207e5cda03d2de99c7c9178b95567d68583d89162fa9e8e57ebf309e9fb8c6e
1ccf1652fc1d765e8baae449dfe64d9a4c826da326c03085eb8603a17a7e175d
2018282ca08e0fffc74e8c09479e65f3ad034a376c7eb9b0f6522ac63d44094c
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226
321436baeb200f9c980b90240b40232e3ba980b7b1eea34576cf57189e81b98d
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
3af3107c28f09b96f740aa5adeaccb35c0b2c68e5ec96302c908e12abdf29307
3cd0c27a31c44ab390a74856ac8d9eb86ff5e448e2c75843e4ccbf3a0885fa57
41a4b177ce9d81e12ecac19b9d558a34fe51d559d85777225cd0c8476211bb30
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
628f8314fda3f97ab2a658ee25901eb1dc06359d67b43e10f94f3994383aa029
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
72c9edca4ebc5a3375b59f53ceb73b69c626bd63b286a028848d9dc4484c4a02
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
768c23da86c524bab0d47764f914292d69923cfbaaef39a59a4c3ff0cbfbb9cf
92c24570ff956696a4f7ae4920326726b2c6eee7e3ecdd7b1b26f22bd53f5ded
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
9ff977e604879cf3f125ce005e7a820fde550dd80fdb84e9001d317cc7fcea3d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a743ac642217076dd55740abc86ca0c904c2dc074ce43adc2ea2292c6ef9917b
a919b2b7bd853b669e274da63d779eab046f40d85abeff1a0456174ae3cf2811
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b4f00f7021a18873fc93b5e5b37a61e961840350eda24bb08ecd6e14bf075469
ba22f6b65bf049816f8234e13fbd5b0075f4b0068def4ac44a562474263db427
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
bf8ff83914756acbba3cf436d89650c458a624cba9298f26535e698ff38e1f91
c1ce257f6f75db41e48bcc9c21ae9cedce20c102f2b998db0eb3e3f8c1043bc5
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
e34137d5c29a13d5ab366f3d1f4ccdb72923238fa00e5ae0f936c9c1116bed5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
e5a749caed0ee293e13c4d15b8820a7ee41c2435115f695dd94b0fd2e896017a
e6110256dac20cff9e620efc8eb6c4be2bc90c5361c1b9c77f2ccc69da48f2ac
e6bf1d034e29fd18bbde6e0b7ed6bbe13f4adc4325dd8be32a342e67cc4cc039
e6f2ed91a4e9c473d99e032a0adf1707daf3c68148954600ae432e25737eeb16
e7065ad74a1ed60d375daa5dbcd0a4b6dd19db35aa7d274c5700f45cb6bd605d
e730e08f968612e7b70fc2f832b04b4ee41570bc2e7aeded1195d596ba9e3989
e86e8012c22c2c694094eb82ba35afefb2957b018771c4dc0d3c7ab97038984b
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f87b68b339e9ef1dbbdf7b4cf3890a452208dedc7174b209694bf9bd0068168b

www.hrwest.org Open in urlscan Pro 45.33.77.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

73 %IPv6

19 Domains

29 Subdomains

23 IPs

3 Countries

3263 kBTransfer

5063 kBSize

5 Cookies

9 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hrwest.org Open in urlscan Pro
45.33.77.71 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

73 %
IPv6

19
Domains

29
Subdomains

23
IPs

3
Countries

3263 kB
Transfer

5063 kB
Size

5
Cookies

63 HTTP transactions
0 data transactions