urlscan.io logo urlscan.io
SecurityTrails logo

www2.rival-hr.com Open in urlscan Pro
18.208.125.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1...
Submission: On December 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 42 HTTP transactions. The main IP is 18.208.125.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www2.rival-hr.com.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.
This is the only time www2.rival-hr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18.208.125.13 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2620:116:800d... 16509 (AMAZON-02)
1 52.85.92.7 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2 52.30.179.44 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
42 22
2    18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com
www2.rival-hr.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:223d:2200:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.pardot.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    52.85.92.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-7.ham50.r.cloudfront.net
scripts.demandbase.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    52.30.179.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-179-44.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2600:9000:223c:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
407 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
10 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
185 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
47 KB
2 rival-hr.com
www2.rival-hr.com
26 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
1 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 711
98 B
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 10603
16 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 pardot.com
storage.pardot.com — Cisco Umbrella Rank: 10297
17 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
6 KB
0 cheshireimpact.com Failed
www.cheshireimpact.com Failed
0 engagio.com Failed
web-analytics.engagio.com Failed
0 snapapp.com Failed
scdn.snapapp.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
42 22
Domain Requested by
2 px.ads.linkedin.com 1 redirects snap.licdn.com
2 match.prod.bidr.io 1 redirects www2.rival-hr.com
2 connect.facebook.net www2.rival-hr.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www2.rival-hr.com
www.googletagmanager.com
2 cdnjs.cloudflare.com www2.rival-hr.com
cdnjs.cloudflare.com
2 www2.rival-hr.com www2.rival-hr.com
1 www.facebook.com www2.rival-hr.com
1 pixel.quantserve.com www2.rival-hr.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.google.de www2.rival-hr.com
1 www.google.com www2.rival-hr.com
1 rules.quantcount.com secure.quantserve.com
1 px4.ads.linkedin.com www2.rival-hr.com
1 id.rlcdn.com www2.rival-hr.com
1 region1.google-analytics.com www.googletagmanager.com
1 scripts.demandbase.com www2.rival-hr.com
1 secure.quantserve.com www2.rival-hr.com
1 snap.licdn.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 storage.pardot.com www2.rival-hr.com
1 maxcdn.bootstrapcdn.com www2.rival-hr.com
0 www.cheshireimpact.com Failed www2.rival-hr.com
0 web-analytics.engagio.com Failed www2.rival-hr.com
0 scdn.snapapp.com Failed www2.rival-hr.com
0 fonts.googleapis.com Failed www2.rival-hr.com
42 26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.silkroad.com
Subject Issuer Validity Valid
www2.rival-hr.com
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
storage.pardot.com
Amazon RSA 2048 M02		 2023-09-25 -
2024-10-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2023-08-23 -
2024-09-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Frame ID: 1412445C9D2FD244FB88C264D249D289
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SilkRoad Technology, Inc

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

42
Requests

60 %
HTTPS

76 %
IPv6

22
Domains

26
Subdomains

22
IPs

4
Countries

439 kB
Transfer

1291 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Request Chain 31
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&e_ipv6=AQKuktgRz8-jSwAAAYyIjZpN14TMaLVjYz_qWV2Av1F4JWP-0htVf-_QkqfJUHKnAz3WshE

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1221608427
www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/ 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
2dd19a7c94145c3505fe8c1be2aca2cc889c6cdf3693740f443eef880e97a35d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
17661
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Dec 2023 18:47:09 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
referrer-policy
no-referrer
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
x-robots-tag
nofollow, noindex
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
1788777
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
838a0d5fe8e66acb-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
603079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3555
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-5644"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2gSx2D4hKugX3s2ORz3hTiJKohmP7nryo%2BK910axbCqoFUAEo%2BEa1QINTymhiuwZD9hawU4KgUEfWl1CulniXV8fmaWAnoVaW0omtMU6P70iKYdNJW%2Blz2gFgmamvjdmhF1rGPCZwkb9DCbnzKVJxtq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838a0d5feef79b1c-FRA
expires
Mon, 09 Dec 2024 18:47:10 GMT
form.css
www2.rival-hr.com/css/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.rival-hr.com/css/form.css?ver=2021-09-20
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Mon, 11 Dec 2023 05:21:54 GMT
Server
PardotServer
etag
"7be2-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
text/css
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
7660
expires
Fri, 19 Dec 2025 18:47:10 GMT
SilkRoadLogo.png
storage.pardot.com/61532/1248/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/61532/1248/SilkRoadLogo.png
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f9a5d069493a37d5d49f4a8cd25bd2ba1c2437961a9365c0f2c0e8e11b0c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:26:56 GMT
x-amz-version-id
null
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2016 14:32:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1215
etag
"ea8f08dfc873c006e0dccb7b7409df80"
x-cache
Hit from cloudfront
content-type
image/png; charset=binary
accept-ranges
bytes
content-length
17210
x-amz-cf-id
Sygc1mz0CkVIpBNrWEtSUZ-zrqk5CbFICe1jc3BLjnbfLhOQC-dIkQ==
gtm.js
www.googletagmanager.com/ 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPPJR6
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9900f58fb736909ade797204cc0f87979683d444dc7c4fe6a8137e26196c5551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90808
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 18:47:10 GMT
css
fonts.googleapis.com/ 		0
0
avada_style.css
storage.pardot.com/61532/478/ 		0
0
avada_font_awesome.css
storage.pardot.com/61532/482/ 		0
0
avada_font_awesome.css
storage.pardot.com/61532/482/ 		0
0
avada_animations.css
storage.pardot.com/61532/484/ 		0
0
media.css
storage.pardot.com/61532/490/ 		0
0
jquery.js
storage.pardot.com/61532/492/ 		0
0
jquery_migrate.min.js
storage.pardot.com/61532/494/ 		0
0
css
fonts.googleapis.com/ 		0
0
modernizr.js
storage.pardot.com/61532/498/ 		0
0
main.js
storage.pardot.com/61532/500/ 		0
0
widget.js
scdn.snapapp.com/widget/ 		0
0
ei.js
web-analytics.engagio.com/js/ 		0
0
icomoon.woff
www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/ 		0
0
icomoon.ttf
www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/ 		0
0
fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/font/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97aa2b34732c852c83a87a12c82d2231892fb82470f53271cdd612587b12bb22
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css
Origin
https://www2.rival-hr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1956331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
43576
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-aa34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUhdTSKtueys7F50%2BtaE85u0PWNzuiFQQbNAtvYzV%2FP9Ex%2F%2BN8nBh7IqfXmZb298vedin9SugcRNCG%2B%2FmbVNj28gzcq4DPlpFeRSeXkePYEIa8KDV9M74eroSey2JbGLcWmixO8E8XAxB4GKE%2BsYzUia"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838a0d609b053804-FRA
expires
Mon, 09 Dec 2024 18:47:10 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2FPZDBC6PX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPPJR6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afe0cafa6e1530b7558789f81a90aeca6b46141ae524875e952df7e7146aa684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97797
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 18:47:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPPJR6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 17:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Dec 2023 19:48:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068388636/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068388636/?random=1703098030364&cv=11&fst=1703098030364&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6954383&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&hn=www.googleadservices.com&frm=0&tiba=SilkRoad%20Technology%2C%20Inc&auid=354982807.1703098030&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPPJR6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c258ad68bc66fd00f78ab59936f8088e75f34412c932a7fbe1c3b0ce861716ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1353
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPPJR6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=83592
accept-ranges
bytes
content-length
15541
aquant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/aquant.js?a=p-SvxZbAEeAwKy8
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Dec 2023 18:47:10 GMT
5deb1c31.min.js
scripts.demandbase.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/5deb1c31.min.js
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-7.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1d04ae993d82b24a8a81ccf873d00965ccb3c65615fb9751ca7c713203b92b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qKoS1OcJTMUGf8a20veXuKnBDjdFqEzz
content-encoding
gzip
via
1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 18:46:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C1
age
3239
x-cache
Hit from cloudfront
last-modified
Tue, 08 Dec 2020 00:28:42 GMT
server
AmazonS3
etag
W/"ea78c9c3b1bcb11a2d987ab66d928f83"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
wN9FTIrUY9tGYnJHotyAKrA5dzHxn8D_6uHpn7EDdwc38MqRX6sX9A==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Dec 2023 18:47:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
CmAaJt2XYRaVvVFvqo0+fTY2tH95Ymfrb+oAbrLAmGkNwF1TmW350Q1zzibCCifuGFYpKv0wSXjo/GImfxPoRg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2FPZDBC6PX&gtm=45je3bt0v9116669866z86954383&_p=1703098029978&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2142047799.1703098030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703098030&sct=1&seg=0&dl=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&dt=SilkRoad%20Technology%2C%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1126
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FPZDBC6PX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.rival-hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demandbase
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
HTTP/1.1
Server
52.30.179.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-179-44.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
0c3cea978a84b6745af467e270fefbe0436fabfb700cdf2d546f034753e20990
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 18:47:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
27
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Date
Wed, 20 Dec 2023 18:47:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
464526.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&e_ipv6=AQKuktgRz8-jSwAAAYyIjZpN14TMaLVjYz_qWV2Av1F4JWP-0htVf-_QkqfJUHKnAz3WshE
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8BD105D0AD51477C9826129E97B8EEB8 Ref B: DUS30EDGE0407 Ref C: 2023-12-20T18:47:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM9Wkm5sG0tUAW2/A3/Q==

Redirect headers

date
Wed, 20 Dec 2023 18:47:09 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AAB7F9E273FD4CDBBBEB0E7C4F7DB63F Ref B: FRAEDGE1522 Ref C: 2023-12-20T18:47:10Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3190716&time=1703098030494&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&e_ipv6=AQKuktgRz8-jSwAAAYyIjZpN14TMaLVjYz_qWV2Av1F4JWP-0htVf-_QkqfJUHKnAz3WshE
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM9Wkiofb+mgoMocqjbA==
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=845892054&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&ul=en-us&de=UTF-8&dt=SilkRoad%20Technology%2C%20Inc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=838617675&gjid=749920094&cid=2142047799.1703098030&tid=UA-193487-2&_gid=739050898.1703098031&_r=1&_slc=1&gtm=45He3bt0n71TPPJR6v6954383&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1621134057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.rival-hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-SvxZbAEeAwKy8.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-SvxZbAEeAwKy8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-SvxZbAEeAwKy8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97853fddea4ca22cd01a43a21ea95640eac3357a0bd90de1342b14744f03074

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 17:53:12 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3239
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:03:36 GMT
server
AmazonS3
etag
W/"905eb5994a2d11fe9b3fd2f822779c86"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
1aKgOetL4p1cTE4fX49EOURqGpuP3VBelJW85WZeWtqVizng6sXnwQ==
/
www.google.com/pagead/1p-user-list/1068388636/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1068388636/?random=1703098030364&cv=11&fst=1703095200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6954383&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&frm=0&tiba=SilkRoad%20Technology%2C%20Inc&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_PVTORlEtJg_IGCG4aviY_yhaFcGDgA&random=3387990751&rmt_tld=0&ipr=y
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1068388636/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1068388636/?random=1703098030364&cv=11&fst=1703095200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6954383&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&frm=0&tiba=SilkRoad%20Technology%2C%20Inc&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_PVTORlEtJg_IGCG4aviY_yhaFcGDgA&random=3387990751&rmt_tld=1&ipr=y
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-193487-2&cid=2142047799.1703098030&jid=838617675&gjid=749920094&_gid=739050898.1703098031&_u=YADAAAAAAAAAACAAI~&z=132924981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Dec 2023 18:47:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.rival-hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
857489862614168
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/857489862614168?v=2.9.138&r=stable&domain=www2.rival-hr.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87d5794eb19997829ddeb28ce4fed0fd2ee90b90ff0f68a159267b4aeb3d8f2d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Dec 2023 18:47:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Z/okNlru4UVrjoHa1hsoiNqtvUcMJ40czyrkIiAMtu+NUfMx2LYdVGhRLU3XOgldimfPBAlteECcxwdrxSnEvw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=866031833;labels=_fp.event.Default;rf=0;a=p-SvxZbAEeAwKy8;url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=866031833;labels=_fp.event.Default;rf=0;a=p-SvxZbAEeAwKy8;url=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427;uht=2;fpan=1;fpa=P0-890736286-1703098030522;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=rival-hr.com;dst=1;et=1703098030644;tzo=-60;ogl=;ses=47e356ce-365a-43b4-9a76-fc037625ded2;mdl=
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:47:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=857489862614168&ev=PageView&dl=https%3A%2F%2Fwww2.rival-hr.com%2FlistUnsubscribeHeader%2Fu%2F61532%2Fe666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b%2F1221608427&rl=&if=false&ts=1703098030788&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703098030786.1503152500&cs_est=true&ler=empty&it=1703098030588&coo=false&rqm=GET
Requested by
Host: www2.rival-hr.com
URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Dec 2023 18:47:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
px.ads.linkedin.com/wa/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 18:47:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7FF8600A63D64B3C9EA1EF4275D5B6D1 Ref B: FRAEDGE1522 Ref C: 2023-12-20T18:47:11Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www2.rival-hr.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYM9WkptxWWGnLHLt+IDg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/478/avada_style.css?ver=3.6.2
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/482/avada_font_awesome.css?ver=3.6.2
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/482/avada_font_awesome.css?ver=3.6.2
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/484/avada_animations.css?ver=3.6.2
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/490/media.css
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/492/jquery.js
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/494/jquery_migrate.min.js
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,700italic,800italic,400,300,800,700,600
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/498/modernizr.js
Domain
storage.pardot.com
URL
http://storage.pardot.com/61532/500/main.js
Domain
scdn.snapapp.com
URL
https://scdn.snapapp.com/widget/widget.js
Domain
web-analytics.engagio.com
URL
https://web-analytics.engagio.com/js/ei.js
Domain
www.cheshireimpact.com
URL
http://www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/icomoon.woff
Domain
www.cheshireimpact.com
URL
http://www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/icomoon.ttf

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer object| doc object| anchors object| anchor object| _eiq object| _engagio_settings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO string| _linkedin_data_partner_id object| ezt function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal function| __extends object| Demandbase object| __db function| DBSegment function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaData function| quantserve function| __qc object| _qevents object| _qoptions object| ORIBILI

12 Cookies

Domain/Path Name / Value
.rival-hr.com/ Name: _gcl_au
Value: 1.1.354982807.1703098030
.rival-hr.com/ Name: _ga
Value: GA1.1.2142047799.1703098030
.rival-hr.com/ Name: _ga_2FPZDBC6PX
Value: GS1.1.1703098030.1.0.1703098030.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.quantserve.com/ Name: mc
Value: 658336ae-a236a-0772f-aa378
.rival-hr.com/ Name: __qca
Value: P0-890736286-1703098030522
.linkedin.com/ Name: bcookie
Value: "v=2&750dd7b0-57fd-4cc8-817d-9d4c92f139b8"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDMwOTgwMzA7MjswMjEGzNcHBF6m/oRSjTXkY0LLW3KYAyt9qacSmJrr4RanoA==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3123:u=1:x=1:i=1703098030:t=1703184430:v=2:sig=AQE_9IA_dS1e5AAYMv55ULbwIVap14nB"
.bidr.io/ Name: bito
Value: AAB6lU7LBm0AABSmY76qUw
.bidr.io/ Name: bitoIsSecure
Value: ok
.rival-hr.com/ Name: _fbp
Value: fb.1.1703098030786.1503152500

21 Console Messages

Source Level URL
Text
security warning URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/61532/1248/SilkRoadLogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/61532/1248/SilkRoadLogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 25)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 30)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://storage.pardot.com/61532/478/avada_style.css?ver=3.6.2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 34)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://storage.pardot.com/61532/482/avada_font_awesome.css?ver=3.6.2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 35)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://storage.pardot.com/61532/482/avada_font_awesome.css?ver=3.6.2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 36)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://storage.pardot.com/61532/484/avada_animations.css?ver=3.6.2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 43)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://storage.pardot.com/61532/490/media.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure script 'http://storage.pardot.com/61532/492/jquery.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure script 'http://storage.pardot.com/61532/494/jquery_migrate.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 1624)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,700italic,800italic,400,300,800,700,600'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 1801)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/61532/1248/SilkRoadLogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 1801)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/61532/1248/SilkRoadLogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure script 'http://storage.pardot.com/61532/498/modernizr.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure script 'http://storage.pardot.com/61532/500/main.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 1861)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure font 'http://www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/icomoon.woff'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427(Line 1861)
Message:
Mixed Content: The page at 'https://www2.rival-hr.com/listUnsubscribeHeader/u/61532/e666c69df2eda2a5af7050d8276aeed6883e1ee9bd41e8df64592f755a76464b/1221608427' was loaded over HTTPS, but requested an insecure font 'http://www.cheshireimpact.com/wp-content/themes/Avada/fonts/icomoon/icomoon.ttf'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://web-analytics.engagio.com/js/ei.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://scdn.snapapp.com/widget/widget.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
id.rlcdn.com
match.prod.bidr.io
maxcdn.bootstrapcdn.com
pixel.quantserve.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
scdn.snapapp.com
scripts.demandbase.com
secure.quantserve.com
snap.licdn.com
stats.g.doubleclick.net
storage.pardot.com
web-analytics.engagio.com
www.cheshireimpact.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www2.rival-hr.com
fonts.googleapis.com
scdn.snapapp.com
storage.pardot.com
web-analytics.engagio.com
www.cheshireimpact.com
13.107.42.14
18.208.125.13
2001:4860:4802:34::36
2600:9000:223c:3000:6:44e3:f8c0:93a1
2600:9000:223d:2200:d:7e9b:1200:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9d
2a02:26f0:480:f::213:7edd
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.244.174.68
52.30.179.44
52.85.92.7
0c3cea978a84b6745af467e270fefbe0436fabfb700cdf2d546f034753e20990
2dd19a7c94145c3505fe8c1be2aca2cc889c6cdf3693740f443eef880e97a35d
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559
87d5794eb19997829ddeb28ce4fed0fd2ee90b90ff0f68a159267b4aeb3d8f2d
90f9a5d069493a37d5d49f4a8cd25bd2ba1c2437961a9365c0f2c0e8e11b0c4d
97aa2b34732c852c83a87a12c82d2231892fb82470f53271cdd612587b12bb22
9900f58fb736909ade797204cc0f87979683d444dc7c4fe6a8137e26196c5551
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d04ae993d82b24a8a81ccf873d00965ccb3c65615fb9751ca7c713203b92b7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0cafa6e1530b7558789f81a90aeca6b46141ae524875e952df7e7146aa684
b97853fddea4ca22cd01a43a21ea95640eac3357a0bd90de1342b14744f03074
c258ad68bc66fd00f78ab59936f8088e75f34412c932a7fbe1c3b0ce861716ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6