urlscan.io logo urlscan.io
SecurityTrails logo

hr.all-for-one.com Open in urlscan Pro
18.238.49.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kwp-inside-hr.com/
Effective URL: https://hr.all-for-one.com/
Submission Tags: threatview.io malwar3ninja rule: suspicious named domain automated-submission Search All
Submission: On August 31 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 18.238.49.98, located in United States and belongs to AMAZON-02, US. The main domain is hr.all-for-one.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 29th 2023. Valid for: a year.
This is the only time hr.all-for-one.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.116.114.43 8075 (MICROSOFT...)
17 18.238.49.98 16509 (AMAZON-02)
10 2606:4700:440... 13335 (CLOUDFLAR...)
4 52.157.81.43 8075 (MICROSOFT...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
46 10
1    51.116.114.43 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kwp-inside-hr.com
17    18.238.49.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-98.jfk52.r.cloudfront.net
hr.all-for-one.com
10    2606:4700:4400::6812:245a (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
4    52.157.81.43 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cdn.all-for-one.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2606:4700::6810:281c (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
3    2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
1    2606:4700::6812:8e77 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    2606:4700::6812:50cc (United States)

ASN13335 (CLOUDFLARENET, US)
forms-na1.hsforms.com
Apex Domain
Subdomains		 Transfer
21 all-for-one.com
hr.all-for-one.com
cdn.all-for-one.com
663 KB
10 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 13568
192 KB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 9382
forms-na1.hsforms.com — Cisco Umbrella Rank: 15115
7 KB
3 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316 Failed
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 14516
157 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 7667
607 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
306 B
1 kwp-inside-hr.com
kwp-inside-hr.com
764 B
46 8
Domain Requested by
17 hr.all-for-one.com hr.all-for-one.com
10 cookie-cdn.cookiepro.com hr.all-for-one.com
cookie-cdn.cookiepro.com
4 cdn.all-for-one.com hr.all-for-one.com
3 www.youtube-nocookie.com hr.all-for-one.com
2 forms-na1.hsforms.com hr.all-for-one.com
1 forms.hsforms.com js.hsforms.net
1 js.hsforms.net hr.all-for-one.com
1 fast.fonts.net hr.all-for-one.com
1 geolocation.onetrust.com cookie-cdn.cookiepro.com
1 kwp-inside-hr.com 1 redirects
46 10
Subject Issuer Validity Valid
*.all-for-one.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-29 -
2024-12-29		 a year crt.sh
cookiepro.com
WE1		 2024-08-15 -
2024-11-13		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
fonts.net
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
hsforms.net
WE1		 2024-08-11 -
2024-11-09		 3 months crt.sh
hsforms.com
WE1		 2024-08-12 -
2024-11-10		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://hr.all-for-one.com/
Frame ID: AB23847304843C8D44ACC6C85DFAAAE3
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 32B3D2CB85F7439D64AC584501A00581
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 6DED9FBA4209B7F4F804144CFC800265
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: EB6C4EC15BB6348D50DE1C54F4B9ED3C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 03933F04427C965904C2D7FAED556924
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 22241FE7B64974C0D87E64D65703CE27
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 92E29B5CC55E6FD10E938AE85D012EA1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: C42FCA11FFA440AC23D574D138E59665
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: 19256D15BF11B0C038A21B2FA87651C1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Frame ID: BAD08EF9632E5EE4B26F85A2E9E68E8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Empleox | Employee Experience

Page URL History Show full URLs

  1. http://kwp-inside-hr.com/ HTTP 307
    https://kwp-inside-hr.com/ HTTP 301
    https://hr.all-for-one.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

46
Requests

87 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1019 kB
Transfer

3751 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kwp-inside-hr.com/ HTTP 307
    https://kwp-inside-hr.com/ HTTP 301
    https://hr.all-for-one.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hr.all-for-one.com/
Redirect Chain
  • http://kwp-inside-hr.com/
  • https://kwp-inside-hr.com/
  • https://hr.all-for-one.com/
63 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d540a38d55ef87b7b95a728abef825e2f4d19cac9d0a681f919ec7bd0fa8204f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Sat, 31 Aug 2024 02:34:50 GMT
etag
W/"f130655d75880b735b2ef1d88da39668"
last-modified
Fri, 30 Aug 2024 14:02:10 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer-when-downgrade
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-amz-cf-id
CGrEvW0kRcl3JFDlE9biJGfI13y-Fc22gHxe2EIjYrc9C24QluUs6w==
x-amz-cf-pop
JFK52-P3
x-amz-id-2
anGWXldEZm5gK/pIY0IbVVvhvWpEBE5wZpknCTsGHhBzPhQ46W5Z1LdQOyP40l5TA5pUTu+VYr0=
x-amz-request-id
VVND6ZDHQD3TG4SP
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
169
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting; frame-ancestors 'self' https://*.e-spirit.hosting; img-src *; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html
date
Sat, 31 Aug 2024 02:34:48 GMT
location
https://hr.all-for-one.com/
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer-when-downgrade
server
nginx/1.23.4
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
maincss.css
hr.all-for-one.com/layout/css/ 		1 MB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1f29f1ee018003dea43916356e15689869b5ebba06ffe2b3e6bd543fdc0ecd0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:24 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
AA2HDJPZ2E3FM191
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43947
x-cache
Hit from cloudfront
x-amz-id-2
1Y89OgK1aCcS3nRNyYyDeupOH9g6MFsqxOaO2UCiWXeVANmtkJfmuqYAoU07ES8Au+Ikj79KnUQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:47 GMT
server
AmazonS3
etag
W/"6f2101ca3310ba32c2b0589d036806bb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
NBpyc8BoyOzg1xKQR82dVpqanUR8gc6SctULSDOPLin8xvW6Rg6pew==
hyphenopolyjs.js
hr.all-for-one.com/layout/js/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/js/hyphenopolyjs.js?r=331866
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c45a5b62aef041ad3a0226f55f98582ab76f1a2e676121dde4efbf37fe542ae4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:24 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
AA2WSYE2F3E1GQGF
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43947
x-cache
Hit from cloudfront
x-amz-id-2
MRwvg9Xis9yj5Xz/kMG4e8j+m1mpcvB8HwhViv/umzYRg+DSYWNZoWxKHY5JajxNJcdkdgGqC9k=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:47 GMT
server
AmazonS3
etag
W/"d539bf5f4da9db9d0e5cf1101def7ac0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
miNefD1ku_-vqAJUJ-TQvM1nHrh9Nm8Wx2tpFPu3S8htzOsiogtYLw==
libjs.js
hr.all-for-one.com/layout/js/ 		243 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/js/libjs.js?r=331868
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95913e2e92269f23d2c81d2c7e34ffd05f32c50a8ee76ba85d689bb55eb5a78
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5Z4TEYR6ADR428
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43946
x-cache
Hit from cloudfront
x-amz-id-2
ZsS5evkdw1B0ycJvvfd4Hl9Nw3E9ihWFxjglvDnI+eHXM2ADA6zmGxYSniekzduCCndEfKitCLqcU5aKG4QzCg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
W/"d6c98b6e1e018ebce45ca3b1c7ecb49b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
oYhEn4f4qTveQh9kbxmrH4_VLDGMGixt_SMKBKsOyEoLBmI3oolrGg==
appjs.js
hr.all-for-one.com/layout/js/ 		377 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/js/appjs.js?r=331863
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e345066e3bc53397cf5a54d20dc79475981e9e35970c435d9ec6e6ba5933d492
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5V00870QH2NW0F
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43946
x-cache
Hit from cloudfront
x-amz-id-2
9nVl6gE4IYh2LlsU6eyB8To6jS5wgmWM8KCcpTAk/UVmCS3KKEbmp7Med01mja+/R4vrAQynzQ7mgjbrjm1NBFg+YiiatS+E
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
W/"cdfb85a07ecfa3458b1f3bc0b16461ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
xvJdZKx-4_YvvCR-ru6sgRD8WoKKewXjpprUPmsCJTjolu9QARwfMw==
fonttrackingjs.js
hr.all-for-one.com/layout/js/ 		1014 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/js/fonttrackingjs.js?r=331865
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d82fdec068f0bd1fe440dde488733831ed77870bc2b897ee57ae464583ae58b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5R6NT5B1XNA6XF
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43946
x-cache
Hit from cloudfront
x-amz-id-2
Vb+QMFc0smfHDbH48S6WmlVPOc7pDnZd61pdRxh4yXiTLX9YzVga4Wf3lNW7aSkrldjbNuyeCjYWUuXaxq6tuw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
W/"19186db779275cc7f54713c4e4b23bf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
L7wCR2v3laNxstOpIV4w1_PEK2FkVsHTfngNxjH4qM2Pq6zccQINTQ==
browserdeprecationcheckjs.js
hr.all-for-one.com/layout/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/js/browserdeprecationcheckjs.js?r=331864
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6d1f34c615ca990bb5424f4759ae85a22c2bb53d4ad4df8c2d499d9feebbf1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5T8TWPATY98FVR
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43946
x-cache
Hit from cloudfront
x-amz-id-2
4uDT+e7fSvZnn8o4GlDEPrs9fGW/w2SHQA1jVp5+tMeETG+i034We4iETF6QsOvoiH0tl2/nIQs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:47 GMT
server
AmazonS3
etag
W/"c3426663d4f564bf960c28eb7e855bbe"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
PKM-8e6cQA-ZnBBgFPLOVsvlr8X48EFzSeWiMBSPZSFfvVpXZ7lYDw==
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:49 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
40027
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 22 Aug 2024 07:43:10 GMT
server
cloudflare
etag
0x8DCC27E11E53409
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
25c0124e-201e-001b-0b03-f515bf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99facffc7ac28-YYZ
expires
Sun, 01 Sep 2024 02:34:49 GMT
empleox_employee_experience_rgb.svg
cdn.all-for-one.com/corporate-media/allgemein/logos/logos-gruppe-svg/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.all-for-one.com/corporate-media/allgemein/logos/logos-gruppe-svg/empleox_employee_experience_rgb.svg
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.81.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
9ccc67aa9589ba0ba7f03b424b996e232198df2ce1348ea5f6c6d7ce005eb9a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 02:34:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1302826
X-Imgix-Original-Url
/corporate-media/allgemein/logos/logos-gruppe-svg/empleox_employee_experience_rgb.svg
X-Cache
MISS, HIT, HIT
x-imgix-id
654372569c69a724d03532a4c3aeb1bbf814d19f
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
2360
X-Imgix-Cache
MISS
X-Served-By
cache-sjc1000101-SJC, cache-fra-etou8220070-FRA, cache-ams21045-AMS
last-modified
Tue, 14 Nov 2023 07:29:48 GMT
Server
nginx
X-Imgix-Deployment-Datestamp
Fri Mar 15, 2024 09:13:10 PM UTC
X-Imgix-Shield-Host
shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Imgix-Normalized-Params
cache-control
public, max-age=31536000
X-Imgix-Original-Host
all-for-one-s3.imgix.net
Vary
Accept-Encoding
X-Imgix-Host-Chain
cache-fra-etou8220025_all-for-one-s3.imgix.net|recv,cache-fra-etou8220070_shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net|miss,cache-sjc1000101_shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net|recv,cache-sjc1000101_all-for-one-s3.imgix.net|reset
X-Imgix-Deployment-Timestamp
1710537190
X-Imgix-Deployment-Hash
1419
Accept-Ranges
bytes
Timing-Allow-Origin
*
empleox_employee_experience_invertiert.svg
cdn.all-for-one.com/corporate-media/allgemein/logos/logos-gruppe-svg/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.all-for-one.com/corporate-media/allgemein/logos/logos-gruppe-svg/empleox_employee_experience_invertiert.svg
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.81.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0fa7428582c52a58227cdb17b3b6c91b583b123e0d9abd1136db99d2a2d1ea92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 02:34:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1542592
X-Imgix-Original-Url
/corporate-media/allgemein/logos/logos-gruppe-svg/empleox_employee_experience_invertiert.svg
X-Cache
HIT, HIT, HIT
x-imgix-id
73f233bbc7a9453ba4b4cb7902a4b1518546de1e
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
2226
X-Imgix-Cache
HIT
X-Served-By
cache-sjc1000133-SJC, cache-fra-eddf8230135-FRA, cache-ams2100092-AMS
last-modified
Thu, 18 Jan 2024 07:44:07 GMT
Server
nginx
X-Imgix-Deployment-Datestamp
Mon Mar 11, 2024 05:58:30 PM UTC
X-Imgix-Shield-Host
shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Imgix-Normalized-Params
cache-control
public, max-age=31536000
X-Imgix-Original-Host
all-for-one-s3.imgix.net
Vary
Accept-Encoding
X-Imgix-Host-Chain
cache-fra-eddf8230083_all-for-one-s3.imgix.net|recv,cache-fra-eddf8230135_shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net|miss,cache-sjc1000133_shield-1582d413376d81e6552a75052e757bb08a7d2f9d.imgix.net|recv,cache-sjc1000133_all-for-one-s3.imgix.net|reset
X-Imgix-Deployment-Timestamp
1710179910
X-Imgix-Deployment-Hash
1414
Accept-Ranges
bytes
Timing-Allow-Origin
*
one-hxm-header-fs-de-160424.png
cdn.all-for-one.com/corporate-media/themen_und_impulse_marketunits/hr-employee-experience/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.all-for-one.com/corporate-media/themen_und_impulse_marketunits/hr-employee-experience/one-hxm-header-fs-de-160424.png?usage=cms&fm=webp&auto=compress&cs=tinysrgb&width=1920&height=1080&fit=crop&r=2535164804
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.81.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
60b1f8a915c76a7972a6dad3cf23d5137027fe6468e1da123c33b80a57688b07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 02:34:50 GMT
X-Content-Type-Options
nosniff
Age
446226
X-Cache
MISS, MISS, HIT
x-imgix-id
41f2fbc935272bc1b4773185df8d3e8a3684151c
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
51978
X-Served-By
cache-chi-klot8100034-CHI, cache-fra-eddf8230090-FRA, cache-ams2100085-AMS
last-modified
Sun, 25 Aug 2024 22:37:43 GMT
Server
nginx
Content-Type
image/webp
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
2021-jul-roehm-uk-wei-at-dscf5318-de-110123.jpg
cdn.all-for-one.com/corporate-media/themen_und_impulse_marketunits/hr-employee-experience/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.all-for-one.com/corporate-media/themen_und_impulse_marketunits/hr-employee-experience/2021-jul-roehm-uk-wei-at-dscf5318-de-110123.jpg?usage=cms&fm=webp&auto=compress&cs=tinysrgb&width=1920&height=1080&fit=crop&r=3107678913
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.81.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
46f7fe8d25b776410e6b757ea592e19546e5682acc87ffa78566ccba51dc3edd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 02:34:50 GMT
X-Content-Type-Options
nosniff
Age
846797
X-Cache
MISS, MISS, HIT
x-imgix-id
41eb8d89ae9853916f45c44f645c926a0eb4bd96
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
52992
X-Served-By
cache-chi-klot8100044-CHI, cache-fra-etou8220100-FRA, cache-ams21080-AMS
last-modified
Wed, 21 Aug 2024 07:21:32 GMT
Server
nginx
Content-Type
image/webp
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
de.wasm
hr.all-for-one.com/js/hyphenopoly/patterns/ 		91 KB
93 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/js/hyphenopoly/patterns/de.wasm
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/hyphenopolyjs.js?r=331866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ef19c909115b5fb026e7940bf97523a2659396c479cd6273f182812d66ac28
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 02:34:51 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5X0NJD43FZJ2FG
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
93620
x-amz-id-2
huOBmJHPSycOs4sFnRss+/xtqjNqBjtJTbt1zQEEf0IhkVpHnMUxS96n3u8HZ4hxPTHt8hflrJ0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Aug 2024 14:02:23 GMT
server
AmazonS3
etag
"c5cae72ecf73b5f1dbbdf9a02fe32ea9"
vary
Accept-Encoding
content-type
application/octet-stream
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
6wAkXDHCeNg9TNnMrC_AIMkJZrJQGNdjWWDzZ5OnKYAHJPedapnxdw==
Hyphenopoly.js
hr.all-for-one.com/js/hyphenopoly/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/js/hyphenopoly/Hyphenopoly.js
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/hyphenopolyjs.js?r=331866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4c0be20292c7671f1142e4ef994fbbb794b2453b35d7b7975a03a67aef983a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
content-encoding
gzip
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5S0FB2V3XEBX2R
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43946
x-cache
Hit from cloudfront
x-amz-id-2
b1oz4wNH7/5/o7/u8qeZN2rvuQ4ieQ6NWr1mfx+FSqpk08pXXCGm4vTPYaieXft7pCFgcPRh5h9/cLocT5bpWA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Aug 2024 14:02:22 GMT
server
AmazonS3
etag
W/"361ed142f35215dd6a08325337ef5535"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
2Q6irGxpdkcX59oVdlzWaBBv-anyCdGfzKwMLUygYe5QpgnaRjJB8g==
7d2c68c9-d7ab-45e6-8c68-df2cec98b25c.json
cookie-cdn.cookiepro.com/consent/7d2c68c9-d7ab-45e6-8c68-df2cec98b25c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/7d2c68c9-d7ab-45e6-8c68-df2cec98b25c/7d2c68c9-d7ab-45e6-8c68-df2cec98b25c.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3620c140f813bf61bcb263c422ab0071420e3b5a26e09b85c7992f9ceef989f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:50 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
JYTxrp4hFmDKlpfS5tNfug==
content-length
1541
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 06:49:55 GMT
server
cloudflare
etag
0x8DCC01B224F9E56
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d613bdab-001e-006e-7206-f27e93000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fb08ef5ac31-YYZ
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28954299124d1a9377b2414d5ed0103c668c93c0fca7c2939c9977ba3d764a01

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
quotesvg.svg
hr.all-for-one.com/layout/img/ 		568 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hr.all-for-one.com/layout/img/quotesvg.svg?timestamp=1715182418317
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d9287c036a8bd0759d32d69b335c7c3e974fc56a5cc01a25a64f82049ac7464
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:25 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
YT5RT0775PP9E6ND
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
568
x-amz-id-2
sIeNB43K+/vWm61jGhYtuf3eQ5oBBM6Ig+iPDPQFYxSgzjTE41velZW77vd1Mo6fRNph4gBUwwtcpehlHS/DLQ==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:44 GMT
server
AmazonS3
etag
"ef8164a504f4c722182ef938e5acc826"
content-type
image/svg+xml
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
0yswLrCjxyBUmFwpiayd_k9FSmF3cPHAhT8z8ZriEA3yNkY5LNiSRA==
b52iconfontwoff2.woff2
hr.all-for-one.com/layout/fnt/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/b52iconfontwoff2.woff2?timestamp=1715182418288
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5bde2f2e1385f2f964324b8f62ef358ea9a533f18dc7aa42a6d53fc85295ab7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:26 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
0N092RNAWVYHCNJR
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
4912
x-amz-id-2
Qk6NFq+NPmg9t6q4ipkhq4JTEfMyQiHrmXCPBoXIU2Ps4tEMxbQZTqz8ewfCPFplWQ42ANVBAT7haslalRmlpgDf3jNNJ9F+foVtAoB8rm4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
"ad1bcf5d7bab258799925440db6c571a"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
gBITlAcmdX1sT1dH8uc6cR5qKeKw090Is4IR0uel_A5c4qZgQX7k5Q==
avenirmediumwoff2.woff2
hr.all-for-one.com/layout/fnt/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/avenirmediumwoff2.woff2?timestamp=1715182418264
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f75130597e9fba045653f364091f28720c8410a0c61d14e9a803c2a1b1e2b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:26 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
0N012G71JQ1KVZP6
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
26636
x-amz-id-2
O9s5m6Je4I5WvDVFThlXlz1DbuDut+58CeXGw7rAlfknoQuNrjrHX0J8YzRcqcujs8WTIGM2evZXvbvLP+oOnQ==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
"d8519ef53c3ab2298c910b759606aa84"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
cIT34aQCm78j7LsTX0BztjHWFbBD9u3bL3NVXyrV1zZzugMnG5sRqA==
avenirblackwoff2.woff2
hr.all-for-one.com/layout/fnt/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/avenirblackwoff2.woff2?timestamp=1715182418270
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13e9c0d07bc2464b8f2dbb2b723b2a6e7e6a769491e3c68dca766b61e3cb972b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:26 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
0N051XJEBNPZYF99
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
24232
x-amz-id-2
DFzyK4ixWYqgBb37VbIBsk+xXP9khHr7ZHUCqBmsXYxldRcx7c/ns3RMOckgcdHsQCmgGv+zcB8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:45 GMT
server
AmazonS3
etag
"9d601baa0eba092b43ed97567a7f2562"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
CktsFfBBFLtPowG2HunYpWPMNADZiCllkr4XHkgd_59eEnN9IIDKUg==
avenirlightwoff2.woff2
hr.all-for-one.com/layout/fnt/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/avenirlightwoff2.woff2?timestamp=1715182418259
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:26 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
0N03KHT354JRQM72
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
24560
x-amz-id-2
BW2jp7yZeZ/236D3QoVg4wHaPvzBfn1uDFDxSDnJtV4oZqFi8ARZk3f0kKZ57ZOvdWIuSackSPU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:45 GMT
server
AmazonS3
etag
"73b063eff2271c7bccf0b9f7b1d6c584"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
PQAgBpC65pGKbnzp2QvOHXiLyII-AE-d5xcERP1Va0wsbPZcPpkhag==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		67 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 02:34:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8bb99fb499d436f9-YYZ
access-control-allow-headers
Content-Type
1.css
fast.fonts.net/lt/ 		0
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/lt/1.css?apiType=css&c=1455b350-6389-4219-80c4-d7a65dd85137&fontids=1475498,1475534,1475558
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-meta-mtime
1361983047
date
Sat, 31 Aug 2024 02:34:51 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
AKXKPGVKM4VD7Z2Z
age
903791
x-amz-replication-status
COMPLETED
content-length
0
x-amz-id-2
CIH25bQ8oOUaCeuQiv908YIV/FbExFSfZJ+kaSK48V0zZTLfUH6DEo+To6GLRWXv5BVxmKT0ci5ae3G0emXZ9cpAhkjyEo1G
last-modified
Tue, 23 Mar 2021 12:59:56 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
8bb99fb4a9abac6c-YYZ
expires
Sat, 31 Aug 2024 02:34:52 GMT
prismathreewoff2.woff2
hr.all-for-one.com/layout/fnt/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/prismathreewoff2.woff2?timestamp=1715182418276
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbcf3086d91a55dcadab44633685e141ea3fc9561b1e7cb2087fc952cd2f49bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:27 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
B0T05Z6PVVCXD2Y0
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43945
x-cache
Hit from cloudfront
content-length
23774
x-amz-id-2
DxNJApsYPGCTvg6NWGByQtKfmvQOXrHSyJrrtcYG4ubg4f0+ZA7ivNLchHi7rQ8aa9TjjnO4ikQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
"6cb392097134535aff42ecbde01d4721"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
Xj-Fo4VJcNM3_NRuFTGH6GL4gDV1Ecm_ra8PRT6cCnu0IZ8vKxJpFg==
prismafivewoff2.woff2
hr.all-for-one.com/layout/fnt/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/fnt/prismafivewoff2.woff2?timestamp=1715182418282
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cccd0168b8045f702a0466d1371fd19ba19f669fb3b8c387d34691e7acfa9838
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/layout/css/maincss.css?r=331961
Origin
https://hr.all-for-one.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 14:22:27 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
B0TF0A476PS0EF9P
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
43944
x-cache
Hit from cloudfront
content-length
29611
x-amz-id-2
ozmKfPOwGnSuQ0Bv7crDwjWR9fFxs8IaabPhB8+JtR9B6jgMHd+p5RxhftgSZQfDmLdMdF2F6/0NCRjkvFdCVQ==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:46 GMT
server
AmazonS3
etag
"132c404b9b75cc44560ff1f1612d23a0"
content-type
font/woff
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
SDri6p2Lz_kyAD-Mr0oQZm265-AboRhChjC3mnkrNFLG4h2-COsevg==
xyHbXPiN2cM
www.youtube-nocookie.com/embed/ Frame 32B3 		0
0
1VWiV3nXafA
www.youtube-nocookie.com/embed/ Frame 6DED 		0
0
t3FKM__2gXU
www.youtube-nocookie.com/embed/ Frame EB6C 		0
0
xyHbXPiN2cM
www.youtube-nocookie.com/embed/ Frame 0393 		0
0
1VWiV3nXafA
www.youtube-nocookie.com/embed/ Frame 2224 		0
0
t3FKM__2gXU
www.youtube-nocookie.com/embed/ Frame 92E2 		0
0
xyHbXPiN2cM
www.youtube-nocookie.com/embed/ Frame C42F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/libjs.js?r=331868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr.all-for-one.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Aug 2024 02:34:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
1VWiV3nXafA
www.youtube-nocookie.com/embed/ Frame 1925 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/libjs.js?r=331868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr.all-for-one.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Aug 2024 02:34:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
t3FKM__2gXU
www.youtube-nocookie.com/embed/ Frame BAD0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/libjs.js?r=331868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hr.all-for-one.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Aug 2024 02:34:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
v2.js
js.hsforms.net/forms/ 		483 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js?_=1725071690611
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/layout/js/libjs.js?r=331868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd13cd20ff525b2385438959354509dab540bbf8e387c99dc5bd75e58479cb11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5966/bundles/project-v2.js&cfRay=8bb99fb4a97caa9d-IAD
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"1180d1c3be17e755c336650bfb6846cc"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5966/bundles/project-v2.js
date
Sat, 31 Aug 2024 02:34:51 GMT
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-version-id
4JX8INDs29t6exl5mR8sQg.XV564Lheg
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
5b5dffa3-66b4-4d6d-b7c3-3a8bca7f7bb9
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
5b5dffa3-66b4-4d6d-b7c3-3a8bca7f7bb9
last-modified
Fri, 30 Aug 2024 09:44:45 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYi9%2FX7aIjP7g5ffFcbJWDiHw9t68m1tn0nBUNVg5gjkRGNJUat0xvU3AyB1EDq70rU2axeYQD1Ao1xaoLnCtKl1rmnj1%2FWW6eNveZC44LvYj0YGpHGcNzwwln2z8iv3wz8ItwJSVAv%2BQDfr"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-ggr2j
cf-ray
8bb99fb4a97caa9d-YYZ
x-amz-cf-id
ui1fjupmqKh8sdyVJ_nUCSIdOXDnrha2Bs7cdKxEgc7XPDUhAoFAOg==
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OB5ZPaM1F+xqSvW4fnjknQ==
age
63383
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112090
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 14:51:32 GMT
server
cloudflare
etag
0x8DCA2821EAB7FC3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7c367120-a01e-003a-1ae3-d431c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fb53fd5ac28-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
de.json
cookie-cdn.cookiepro.com/consent/7d2c68c9-d7ab-45e6-8c68-df2cec98b25c/018e5088-c475-770a-aaf9-8eba16e3b098/ 		72 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/7d2c68c9-d7ab-45e6-8c68-df2cec98b25c/018e5088-c475-770a-aaf9-8eba16e3b098/de.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b59530ebc386192d998fca954c26a32485283cd4f92da5a124f23bd35d3f57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
Aj9cAc89yCK9bKENz7npgg==
content-length
17290
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 06:49:57 GMT
server
cloudflare
etag
0x8DCC01B23B8203F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
798b6cdd-801e-0012-2606-f2506c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fb69c15ac31-YYZ
json
forms.hsforms.com/embed/v3/form/2998488/9b666a72-fe0d-4761-af32-778f57fe70fe/ 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/2998488/9b666a72-fe0d-4761-af32-778f57fe70fe/json?hs_static_app=forms-embed&hs_static_app_version=1.5966&X-HubSpot-Static-App-Info=forms-embed-1.5966
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?_=1725071690611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d99626b18480e702937bd50b946449c4477948a0d89bfe90bcfa590196a1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet
na1
date
Sat, 31 Aug 2024 02:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
15a96f2e-63d4-4d31-bbff-f03575d9fa43
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
15a96f2e-63d4-4d31-bbff-f03575d9fa43
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hr.all-for-one.com
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8bb99fb808183870-YYZ
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-ls98c
otCenterRounded.json
cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/otCenterRounded.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
hIXkjmZJ+gUHyB29EOjWcg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2597
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 14:51:22 GMT
server
cloudflare
etag
0x8DCA282188D311D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2d3e6acf-f01e-006a-5506-f2f394000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fb84d55ac31-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
otPcCenter.json
cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/v2/otPcCenter.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
5c9cLQBQ5NMMvDEvN8aWeQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12723
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 14:51:23 GMT
server
cloudflare
etag
0x8DCA282199037AF
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2f4ce8fd-501e-0001-5706-f27460000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fb84d57ac31-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
HyPJ72TNHxdfOI82cqKVqA==
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 14:51:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
202d8167-a01e-0058-4c06-f2f3e3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8bb99fb84d58ac31-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6f2cace0-a6b1-40c2-b180-5b5126a4a41b
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6f2cace0-a6b1-40c2-b180-5b5126a4a41b
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-5cwth
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
8bb99fba8a61ac88-YYZ
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7bf35988-0354-408e-953d-154fcc9f0124
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7bf35988-0354-408e-953d-154fcc9f0124
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-s8lk2
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
8bb99fba7a5fac88-YYZ
ot_guard_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		497 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202407.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Thu, 22 Aug 2024 07:43:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
78083796-501e-0063-0222-f5b647000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8bb99fba1ec6ac31-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a4433b13c8343bcdd960799292dbf550667e323682ed710f44b7a81cdbce09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
IipuN9Einq/0wIZw6VIt/g==
age
16868
cf-polished
origSize=36419
content-length
33302
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 22 Aug 2024 07:43:13 GMT
server
cloudflare
etag
0x8DCC27E14109FE1
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a4aca7e1-f01e-0055-5add-f43b37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bb99fba4c7dac28-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: hr.all-for-one.com
URL: https://hr.all-for-one.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 31 Aug 2024 02:34:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
36022
x-ms-lease-status
unlocked
last-modified
Thu, 22 Aug 2024 07:43:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fbfaa515-d01e-006d-42a8-f49ff7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8bb99fba5c92ac28-YYZ
expires
Sun, 01 Sep 2024 02:34:51 GMT
favicon.ico
hr.all-for-one.com/layout/favicon/ 		15 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hr.all-for-one.com/layout/favicon/favicon.ico?r=331949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-98.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb9d8ad512789ff79443716ecbacb8fd49fc3f66e03afe80240b03034ab4fc5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hr.all-for-one.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:10:09 GMT
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
PFJ0APY5NM37DF8P
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
age
5085
x-cache
Hit from cloudfront
content-length
15086
x-amz-id-2
TqD0CpRm0sOsOZjkpjUREd8bbaMIZILZePblBHMPsZaJe12mXZ63jTYFk2O/RYzi8rBe4hTt020=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Aug 2024 08:13:44 GMT
server
AmazonS3
etag
"3fd6ca7ef421dd1ff5e0754190e492d0"
content-type
image/ico
cache-control
max-age=2592000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
x-amz-cf-id
okEhey-TX8TQyJpNGnGlzFRYKetRfbEn6M4VplL1T4_WXcCPiNKnyw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/xyHbXPiN2cM?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/1VWiV3nXafA?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/t3FKM__2gXU?showinfo=0&modestbranding=1&rel=0&hl=en&autoplay=0&playsinline=1&controls=1&enablejsapi=1

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| CONTEXT object| _window$CONTEXT string| _html$getAttribute object| Hyphenopoly function| b52_sendMediaEvent function| OptanonWrapper string| MTUserId object| MTFontIds function| $ function| jQuery function| Mark function| clearImmediate function| setImmediate object| __B52__SESSION_MANAGER object| dataLayer object| otStubData object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups object| _hsq

6 Cookies

Domain/Path Name / Value
.all-for-one.com/ Name: b52-site-meta-info
Value: %7B%22home%22%3A%22https%3A%2F%2Fhr.all-for-one.com%2Fde%2F%22%2C%22name%22%3A%22https%3A%2F%2Fhr.all-for-one.com%22%7D
.fonts.net/ Name: __cf_bm
Value: z3ls5CukV2sxxq52HJEekFNk_UpO9FJmbNiHmo9VdlA-1725071691-1.0.1.1-6aesX.rhXItUhGDysKGYD8iHZs7K38ApxhuBsgrmlR997i9r2sDvjfbhej9eU.F8d8bTOqewRzw.NPKtyqahbA
.hsforms.net/ Name: __cf_bm
Value: xYBztRtzf83L0cdprVhWgL4lxQ1dzT5ivuhg_UpqM30-1725071691-1.0.1.1-RaVjWhEij7LPTBFhlxrP2HEFiLk64zJZQ7U.cYsAtN_Y6HxCYCWcOzJcSesalpzsPPgZVozO1mz8Q1oocEx0YA
.all-for-one.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Aug+30+2024+19%3A34%3A51+GMT-0700+(Pacific+Daylight+Time)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c84e0d72-d5dd-4b48-8aac-62ad2bc56b93&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fhr.all-for-one.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.hsforms.com/ Name: __cf_bm
Value: TxKOmyvjr9ht6uXYmENsWSu3cZMIjoodwVg9i.ctmM8-1725071691-1.0.1.1-O8XgnGF5ekFv8AcUOrghXe8_xGVuHHUk8SQrzXt9Tp5rFWCP0pL_osmeBkuYENPemGRFZO0A5_TKszLnI98TTQ
.hsforms.com/ Name: _cfuvid
Value: LnniSd88ozbHtnp.h7LQOfNBxz2cDLP4AwLWx950Zhc-1725071691953-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
other warning URL: https://hr.all-for-one.com/(Line 729)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.all-for-one.com *.e-spirit.hosting *.blue-zone.io *.all-for-one-test.monday.com *.all-for-one.monday.com embedder.app; frame-ancestors 'self' https://*.e-spirit.hosting https://all-for-one-test.monday.com https://all-for-one.monday.com https://embedder.app; media-src 'self' https://cdn.blue-zone.io https://media.blue-zone.io https://cdn.all-for-one.com https://media.all-for-one.com https://open.spotify.com https://itunes.apple.com https://allforonegroup.podcaster.de https://www.brn-ag.de; img-src 'self' data: https:; font-src *; frame-src *; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.all-for-one.com
cookie-cdn.cookiepro.com
fast.fonts.net
forms-na1.hsforms.com
forms.hsforms.com
geolocation.onetrust.com
hr.all-for-one.com
js.hsforms.net
kwp-inside-hr.com
www.youtube-nocookie.com
www.youtube-nocookie.com
18.238.49.98
2606:4700:4400::6812:2089
2606:4700:4400::6812:245a
2606:4700::6810:281c
2606:4700::6812:50cc
2606:4700::6812:8e77
2606:4700::6813:afbc
2607:f8b0:4006:80d::200e
51.116.114.43
52.157.81.43
0fa7428582c52a58227cdb17b3b6c91b583b123e0d9abd1136db99d2a2d1ea92
13e9c0d07bc2464b8f2dbb2b723b2a6e7e6a769491e3c68dca766b61e3cb972b
27d99626b18480e702937bd50b946449c4477948a0d89bfe90bcfa590196a1b7
28954299124d1a9377b2414d5ed0103c668c93c0fca7c2939c9977ba3d764a01
3620c140f813bf61bcb263c422ab0071420e3b5a26e09b85c7992f9ceef989f2
46f7fe8d25b776410e6b757ea592e19546e5682acc87ffa78566ccba51dc3edd
4b59530ebc386192d998fca954c26a32485283cd4f92da5a124f23bd35d3f57f
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
60b1f8a915c76a7972a6dad3cf23d5137027fe6468e1da123c33b80a57688b07
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
84f75130597e9fba045653f364091f28720c8410a0c61d14e9a803c2a1b1e2b9
8d82fdec068f0bd1fe440dde488733831ed77870bc2b897ee57ae464583ae58b
8d9287c036a8bd0759d32d69b335c7c3e974fc56a5cc01a25a64f82049ac7464
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308
92ef19c909115b5fb026e7940bf97523a2659396c479cd6273f182812d66ac28
9ccc67aa9589ba0ba7f03b424b996e232198df2ce1348ea5f6c6d7ce005eb9a5
a95913e2e92269f23d2c81d2c7e34ffd05f32c50a8ee76ba85d689bb55eb5a78
b1f29f1ee018003dea43916356e15689869b5ebba06ffe2b3e6bd543fdc0ecd0
bbcf3086d91a55dcadab44633685e141ea3fc9561b1e7cb2087fc952cd2f49bb
c45a5b62aef041ad3a0226f55f98582ab76f1a2e676121dde4efbf37fe542ae4
cccd0168b8045f702a0466d1371fd19ba19f669fb3b8c387d34691e7acfa9838
d4c0be20292c7671f1142e4ef994fbbb794b2453b35d7b7975a03a67aef983a9
d540a38d55ef87b7b95a728abef825e2f4d19cac9d0a681f919ec7bd0fa8204f
d6d1f34c615ca990bb5424f4759ae85a22c2bb53d4ad4df8c2d499d9feebbf1e
e345066e3bc53397cf5a54d20dc79475981e9e35970c435d9ec6e6ba5933d492
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bde2f2e1385f2f964324b8f62ef358ea9a533f18dc7aa42a6d53fc85295ab7
eb9d8ad512789ff79443716ecbacb8fd49fc3f66e03afe80240b03034ab4fc5d
f7a4433b13c8343bcdd960799292dbf550667e323682ed710f44b7a81cdbce09
fd13cd20ff525b2385438959354509dab540bbf8e387c99dc5bd75e58479cb11