nfcucareers.ttcportals.com Open in urlscan Pro
104.18.30.54 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nfcucareers.ttcportals.com/
Effective URL:
https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Submission: On July 14 via manual (July 14th 2022, 9:31:17 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 60 HTTP transactions. The main IP is 104.18.30.54, located in and belongs to CLOUDFLARENET, US. The main domain is nfcucareers.ttcportals.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2022. Valid for: a year.

This is the only time nfcucareers.ttcportals.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 18	104.18.30.54 104.18.30.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.121.35 18.66.121.35	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.31.54 104.18.31.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	198.145.13.13 198.145.13.13	2044 (DF-PTL01) (DF-PTL01)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
60	16

18 104.18.30.54 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

nfcucareers.ttcportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.talemetry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.121.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-35.fra60.r.cloudfront.net

dhbhdrzi4tiry.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.31.54 (None, )

ASN13335 (CLOUDFLARENET, US)

apply.app.jobvite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.145.13.13 (Sherwood, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

sitestats.ttcportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ttcportals.com 2 redirects nfcucareers.ttcportals.com sitestats.ttcportals.com — Cisco Umbrella Rank: 144044	394 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	586 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 maps.googleapis.com — Cisco Umbrella Rank: 361	226 KB
6	google.com www.google.com — Cisco Umbrella Rank: 17	76 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	3 KB
3	jobvite.com apply.app.jobvite.com — Cisco Umbrella Rank: 138406	21 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819	78 KB
2	cloudfront.net dhbhdrzi4tiry.cloudfront.net	279 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 305	720 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 477	14 KB
1	talemetry.com connect.talemetry.com — Cisco Umbrella Rank: 299163	349 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 695	29 KB
60	13

	Domain	Requested by
17	nfcucareers.ttcportals.com	2 redirects nfcucareers.ttcportals.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
6	maps.googleapis.com	nfcucareers.ttcportals.com maps.googleapis.com
6	www.google.com	nfcucareers.ttcportals.com www.gstatic.com www.google.com
3	apply.app.jobvite.com	nfcucareers.ttcportals.com
2	maps.gstatic.com	nfcucareers.ttcportals.com
2	px.ads.linkedin.com	2 redirects
2	sitestats.ttcportals.com	nfcucareers.ttcportals.com sitestats.ttcportals.com
2	maxcdn.bootstrapcdn.com	nfcucareers.ttcportals.com maxcdn.bootstrapcdn.com
2	dhbhdrzi4tiry.cloudfront.net	nfcucareers.ttcportals.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	nfcucareers.ttcportals.com
1	px4.ads.linkedin.com	nfcucareers.ttcportals.com
1	www.linkedin.com	1 redirects
1	connect.talemetry.com	nfcucareers.ttcportals.com
1	snap.licdn.com	nfcucareers.ttcportals.com
1	fonts.googleapis.com	nfcucareers.ttcportals.com
1	code.jquery.com	nfcucareers.ttcportals.com
60	19

This site contains links to these domains. Also see Links.

Domain
www.navyfederal.org
careers.navyfederal.org
navyfederal.org

Subject Issuer	Validity	Valid
ttcportals.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
apply.app.jobvite.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
win.staticstuff.net Sectigo RSA Domain Validation Secure Server CA	`2022-03-02` - `2022-11-04`	8 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
talemetry.com Cloudflare Inc ECC CA-3	`2022-05-25` - `2023-05-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Frame ID: 4FA112E99068AFF9137C0EAFB27C0DFE
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s&co=aHR0cHM6Ly9uZmN1Y2FyZWVycy50dGNwb3J0YWxzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=e9jg29rtqv9b
Frame ID: B4CCB9285170C204A37889ED418633DA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s
Frame ID: 064D96D7DEB17572EFE84C4A1FE4F0D2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jobs Search - NFCU Careers

Page URL History Show full URLs

http://nfcucareers.ttcportals.com/ HTTP 301
https://nfcucareers.ttcportals.com/ HTTP 301
https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

60
Requests

98 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

16
IPs

4
Countries

2053 kB
Transfer

4329 kB
Size

19
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.navyfederal.org/

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/about/careers.php
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/about/careers/benefits.php
Title: Benefits

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/about/careers/working-at-navy-federal.php
Title: Working at Navy Federal

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/about/careers/teams-and-roles.php
Title: Teams & Roles

Search URL Search Domain Scan URL

URL: https://careers.navyfederal.org/psc/hrext/NFCU_APPLICANT_DATA3/HRMS/c/HRS_HRAM_FL.HRS_CG_SEARCH_FL.GBL?FOCUS=Applicant
Title: Check Your Status

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/vendors/vendorMain.php?var1=NCUA
Title: Federally Insured by NCUA

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/pdf/ebrochures/3035_EHL_Poster.pdf
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/online-disclosure.php
Title: Web Policy

Search URL Search Domain Scan URL

URL: https://navyfederal.org/privacy/online.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/privacy/workplace.php
Title: Employee Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.navyfederal.org/browser-requirements.php
Title: Browser Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nfcucareers.ttcportals.com/ HTTP 301
https://nfcucareers.ttcportals.com/ HTTP 301
https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D492628%26time%3D1657791071692%26url%3Dhttps%253A%252F%252Fnfcucareers.ttcportals.com%252Fjobs%252Fsearch%253Fns_content%253Dall_jobs%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true&e_ipv6=AQK0ZueFP6vMMgAAAYH8DEhxpjGJA9iQBV8rTnq1zRyGFwjYvL62ulMA4yWrxJUo1NUQ2Vg

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request search Show response
nfcucareers.ttcportals.com/jobs/
Redirect Chain

http://nfcucareers.ttcportals.com/
https://nfcucareers.ttcportals.com/
https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

96 KB
21 KB

1293ms
1292ms

Document
text/html

104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffee6c75e2ef6251434dd4264b3cb7fa1b7904cb9a4e6403e1909dcdc8e94be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72a93e683c0a8fe6-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 09:31:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 07f86260-c219-4b49-8e1d-5bc662fd71fc
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72a93e652f308fe6-FRA
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 09:31:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 51cb8a0e-ac5f-48dc-a0e5-139885b5d8b3
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK foundation.min.css
dhbhdrzi4tiry.cloudfront.net/cdn/sites/ 49 KB
49 KB 131ms
44ms Stylesheet
text/css 18.66.121.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhbhdrzi4tiry.cloudfront.net/cdn/sites/foundation.min.css
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-35.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e7d98e767f185bdbdc70bc962d784292f1ba7a6d9230d2cd9a7a841112fa19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 03:12:00 GMT
Via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 Nov 2015 20:04:31 GMT
Server: AmazonS3
Age: 22751
ETag: "08f0ca148c519d8f574f3851cb745c5d"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 49709
X-Amz-Cf-Id: LsDBlTxBCm3VTg2fQzcw8_zuDC1Z_n-CvCpM-75TV8vWB1jQ9hZadw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 128ms
50ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 11717873
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c8845753cab1a73d54275746c2671fc0
cf-ray: 72a93e70ea3d9b69-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vendors.2c278b9d310d7979f95a.js Show response
nfcucareers.ttcportals.com/pack/talemetry_careersites/ 670 KB
207 KB 50ms
47ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/pack/talemetry_careersites/vendors.2c278b9d310d7979f95a.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7038454a7695e1116932a2b589da0e369773f5432c97c828fa21722cc2f53f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 22:42:31 GMT
server: cloudflare
age: 3750
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7078b38fe6-FRA
content-length: 211188
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 runtime~index.43a43581ca4e10dc6e72.js Show response
nfcucareers.ttcportals.com/pack/talemetry_careersites/ 1 KB
797 B 87ms
85ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/pack/talemetry_careersites/runtime~index.43a43581ca4e10dc6e72.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c19104d0d950baa7649e3909b0ace0c8cf11abb286b35cf336926f70eff5005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 22:42:31 GMT
server: cloudflare
age: 3750
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7078b58fe6-FRA
content-length: 734
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 index.7300a96b65d99681c517.js Show response
nfcucareers.ttcportals.com/pack/talemetry_careersites/ 48 KB
12 KB 86ms
85ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/pack/talemetry_careersites/index.7300a96b65d99681c517.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419008c0cbc9347bef8128241885e26421e65ce007f27b0dc55efcaae4dcf4a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 22:42:31 GMT
server: cloudflare
age: 3750
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7078b68fe6-FRA
content-length: 11819
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 apply.js Show response
apply.app.jobvite.com/assets/app/ 30 KB
9 KB 187ms
72ms Script
application/javascript 104.18.31.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apply.app.jobvite.com/assets/app/apply.js

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc1beff59dbaf7a22ee92a7480830488ffaf2bd7f8a1a579e5e0a93b4fb341e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Jun 2022 22:27:44 GMT
server: cloudflare
age: 3268
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
cf-ray: 72a93e762b9ebbaf-FRA
content-length: 9379
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 manifest-5c74d3440ddd6b56bd97086d330260ffd24c5700d669021350315eaaa1595e6d.css
nfcucareers.ttcportals.com/assets/site/v3/ 40 KB
7 KB 47ms
46ms Stylesheet
text/css 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/assets/site/v3/manifest-5c74d3440ddd6b56bd97086d330260ffd24c5700d669021350315eaaa1595e6d.css
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c74d3440ddd6b56bd97086d330260ffd24c5700d669021350315eaaa1595e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 22:28:51 GMT
server: cloudflare
age: 3749
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e70f98a8fe6-FRA
content-length: 6859
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 theme.css
nfcucareers.ttcportals.com/stylesheets/ 20 KB
5 KB 547ms
546ms Stylesheet
text/css 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfcucareers.ttcportals.com/stylesheets/theme.css

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4b1763eca26b0006312c8c109961b5ad1264f0b904bfda24ddcf3ea1908bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 7d5a03b0-b212-47e6-8785-46d784c197ee
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3a4b1763eca26b0006312c8c109961b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
content-type: text/css; charset=utf-8
cache-control: no-cache, no-store
cf-ray: 72a93e70f98b8fe6-FRA
expires: 0

GET
H2 200 manifest-d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5.js Show response
nfcucareers.ttcportals.com/assets/site/v3/ 318 KB
104 KB 58ms
57ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/assets/site/v3/manifest-d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 22:28:51 GMT
server: cloudflare
age: 3749
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e70f98c8fe6-FRA
content-length: 105870
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 theme.js Show response
nfcucareers.ttcportals.com/javascripts/ 5 KB
2 KB 433ms
432ms Script
text/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfcucareers.ttcportals.com/javascripts/theme.js

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5878201badc9b39a3d01a605a6677320b1dc2b64e71b0ff0cfc5d181ee45dc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: fe28c358-8003-4ebf-9566-8fb942c102a4
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5878201badc9b39a3d01a605a6677320"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store
cf-ray: 72a93e70f98d8fe6-FRA
expires: 0

GET
H2 200 talemetry.jobsearch.1.2.js Show response
nfcucareers.ttcportals.com/system/production/assets/99420/original/ 13 KB
3 KB 57ms
56ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/99420/original/talemetry.jobsearch.1.2.js?s=e39a802368deab06
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c348a504a60bbc4b15dbf6539e2cf16b747155bc80673032be662165a392e5fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2017 17:11:59 GMT
server: cloudflare
age: 3750
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 72a93e70f98e8fe6-FRA
expires: Thu, 14 Jul 2022 13:31:10 GMT

GET
H2 200 navy-federal-credit-union-logo-veterans.svg
nfcucareers.ttcportals.com/system/production/assets/201915/original/ 14 KB
4 KB 524ms
522ms Image
image/svg+xml 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/201915/original/navy-federal-credit-union-logo-veterans.svg
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e61885795bef0424ce14da1e390294ffc83412698083f65bc2969ed6181c5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 08:29:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 72a93e7578e38fe6-FRA
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
965 B 130ms
47ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 09:31:11 GMT

GET
H2 200 footer-logo.png
nfcucareers.ttcportals.com/system/production/assets/204211/original/ 16 KB
16 KB 461ms
460ms Image
image/png 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/204211/original/footer-logo.png
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b290dfdb498eedc047336ab3cc5052e118a1c9ada6b9450dc26a4a157bee3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2020 07:49:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7578e68fe6-FRA
content-length: 16084
expires: Thu, 14 Jul 2022 13:31:12 GMT

GET
H2 200 img_ncua_footer.png
nfcucareers.ttcportals.com/system/production/assets/41626/original/ 1 KB
2 KB 408ms
407ms Image
image/png 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/41626/original/img_ncua_footer.png
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff9b28588dada8fe32dc2be43191e383e427b86ac2d74e7623fc55dfe2127a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
cf-cache-status: MISS
last-modified: Tue, 12 May 2015 18:51:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7578e98fe6-FRA
content-length: 1462
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 100864469.js Show response
sitestats.ttcportals.com/ 15 KB
5 KB 549ms
173ms Script
text/javascript 198.145.13.13
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://sitestats.ttcportals.com/100864469.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.13 Sherwood, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 7d355289542a33f4e6bf843c88980fe9e97bae24a58d6272a99d83dc98e9477d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 21 Jul 2022 09:31:11 GMT
cache-control: max-age=604800
x-proxy-cache: EXPIRED

GET
H2 200 direct_apply.js Show response
apply.app.jobvite.com/assets/ 38 KB
11 KB 214ms
76ms Script
application/javascript 104.18.31.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apply.app.jobvite.com/assets/direct_apply.js?verison=2.4

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd17ab6fbf578f14f0139fb0e07742183aa03197ed7fd3eeb4e7003a03f28dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Jun 2022 22:38:15 GMT
server: cloudflare
age: 3268
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
cf-ray: 72a93e762b9bbbaf-FRA
content-length: 11385
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 263ms
164ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14979"
vary: Accept-Encoding
x-hw: 1657791071.dop225.fr8.t,1657791071.cds098.fr8.hn,1657791071.cds244.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29519

GET
H/1.1 200
OK foundation.js Show response
dhbhdrzi4tiry.cloudfront.net/cdn/sites/ 230 KB
230 KB 42ms
40ms Script
application/x-javascript 18.66.121.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhbhdrzi4tiry.cloudfront.net/cdn/sites/foundation.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-35.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95584f79f7f9453c4e27a91c0d0100d02589f68478bd5d8369d06adb096a2a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 05:31:57 GMT
Via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 Nov 2015 20:04:29 GMT
Server: AmazonS3
Age: 14447
ETag: "e8edd9bfac79d3935ea72f7e9ffd1961"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 235230
X-Amz-Cf-Id: riLqR6EBSM7NN5pa_cgR4JRjaxWqyU74mGBl-5wB4uaduCgLuF-DVA==

GET
H2 200 theme-extension.js Show response
nfcucareers.ttcportals.com/system/production/assets/113624/original/ 6 KB
2 KB 58ms
56ms Script
application/javascript 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/113624/original/theme-extension.js?s=e39a802368deab06
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785ce7736d430089f7297ca1a4c07b253dfd049a08e4f8cf2c0bb1c4f8a79a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 May 2018 20:46:31 GMT
server: cloudflare
age: 3749
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 72a93e7578df8fe6-FRA
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300|Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/stylesheets/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda1e23577758d91734fe21258a8417adacd3397d423410591ad342918f420c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 09:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 09:31:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 09:31:11 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 116ms
37ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 09:31:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72096
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 img_home_breadcrumb.gif
nfcucareers.ttcportals.com/system/production/assets/42214/original/ 1 KB
1 KB 1038ms
1036ms Image
image/gif 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/42214/original/img_home_breadcrumb.gif
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/stylesheets/theme.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774e970c30f6a2eba368f3e98fbece9606c3997c0ef2587147580b63770bf664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/stylesheets/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
cf-cache-status: MISS
last-modified: Tue, 26 May 2015 15:14:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72a93e7578ec8fe6-FRA
content-length: 1203
expires: Thu, 14 Jul 2022 13:31:12 GMT

GET
H2 200 37595-circles-hero-2.jpg
connect.talemetry.com/system/production/assets/204217/original/ 348 KB
349 KB 175ms
51ms Image
image/jpeg 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.talemetry.com/system/production/assets/204217/original/37595-circles-hero-2.jpg
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/stylesheets/theme.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2dc6eecc4fd5c12f88f3bc1c29e161d0e3bcaf2a3d8fe45305e06f66534f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Jan 2020 17:21:31 GMT
server: cloudflare
age: 4628
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
cf-bgj: h2pri
accept-ranges: bytes
cf-ray: 72a93e763daa90bb-FRA
content-length: 356380
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 list-bullet-orange.svg
nfcucareers.ttcportals.com/system/production/assets/209238/original/ 192 B
262 B 407ms
406ms Image
image/svg+xml 104.18.30.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfcucareers.ttcportals.com/system/production/assets/209238/original/list-bullet-orange.svg
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/stylesheets/theme.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 397a3e42eaed04fd0ca36dd40bb087b7ee5a44cc0e6b3479445702af21aedbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/stylesheets/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 22:43:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 72a93e7578ee8fe6-FRA
expires: Thu, 14 Jul 2022 13:31:11 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 167ms
83ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 175529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:45:42 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 131ms
47ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 50689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 50689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:26:22 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 158ms
74ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:15:44 GMT
x-content-type-options: nosniff
age: 47727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:15:44 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nfcucareers.ttcportals.com/
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 09:03:54 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 95ms
56ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://nfcucareers.ttcportals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
age: 4629
cdn-proxyver: 1.02
cdn-cachedat: 03/16/2022 19:53:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e3976a6125324eb4e9f3cc9a4b6d59d4
accept-ranges: bytes
cf-ray: 72a93e75fdfa9c00-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D492628%26time%3D1657791071692%26url%3Dhttps%253A%252F%252Fnfcucareers.ttcportals....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true&e_ipv6=AQK0ZueFP6vMMgA...

0
264 B

331ms
233ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true&e_ipv6=AQK0ZueFP6vMMgAAAYH8DEhxpjGJA9iQBV8rTnq1zRyGFwjYvL62ulMA4yWrxJUo1NUQ2Vg
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6B060475DE3544909D9A1A6E6E24565D Ref B: VIEEDGE3118 Ref C: 2022-07-14T09:31:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjwI//3Lne643WJ3pnfg==
x-li-fabric: prod-lor1

Redirect headers

date: Thu, 14 Jul 2022 09:31:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2CB7A2A4D0B3490596BB244E595C21B5 Ref B: FRAEDGE1306 Ref C: 2022-07-14T09:31:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=492628&time=1657791071692&url=https%3A%2F%2Fnfcucareers.ttcportals.com%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&liSync=true&e_ipv6=AQK0ZueFP6vMMgAAAYH8DEhxpjGJA9iQBV8rTnq1zRyGFwjYvL62ulMA4yWrxJUo1NUQ2Vg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjwI/6zAkM6UXGo/5vDg==

GET
H2 200 direct_apply_strategy_version Show response
apply.app.jobvite.com/navyfederal/workflow/2352/ 222 B
572 B 469ms
469ms Script
text/javascript 104.18.31.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apply.app.jobvite.com/navyfederal/workflow/2352/direct_apply_strategy_version?callback=jQuery17209872894871628066_1657791071569&format=json&_=1657791071994

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/assets/site/v3/manifest-d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c32e16801406e67f1d2ceb9f51cb90b3020403b26696baa160a0449027510ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 30fe1fea-d671-4884-afdb-6be9c40f4fe1
x-runtime: 0.027904
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1c32e16801406e67f1d2ceb9f51cb90b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
cf-ray: 72a93e781ea3bbaf-FRA
expires: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 167 KB
55 KB 176ms
69ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&v=3.23&channel=&key=AIzaSyCE2-CmcVIZAQ_CtE_PD1WDoPDWw8V45Mw&sensor=false&callback=csns.maps.script.map_loaded_callback

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/assets/site/v3/manifest-d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

f1e558086901b780f131d3a27cdea2b7a8f27993a27c166e27508eeea7709638

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55967
x-xss-protection: 0
expires: Thu, 14 Jul 2022 10:01:12 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B4CC 43 KB
22 KB 138ms
60ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s&co=aHR0cHM6Ly9uZmN1Y2FyZWVycy50dGNwb3J0YWxzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=e9jg29rtqv9b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e47b880de7de735a853cf17f323c8170b4be05d0efe698522fbc0beeb9f6561

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VUR6nCqZhWOW8Ld80nQqdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nfcucareers.ttcportals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22927
content-security-policy: script-src 'report-sample' 'nonce-VUR6nCqZhWOW8Ld80nQqdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 09:31:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 in.php Show response
sitestats.ttcportals.com/ 133 B
356 B 179ms
179ms Script
text/javascript 198.145.13.13
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://sitestats.ttcportals.com/in.php?site_id=100864469&type=pageview&href=%2Fjobs%2Fsearch%3Fns_content%3Dall_jobs&title=Jobs%20Search%20-%20NFCU%20Careers&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.959322652727834
Requested by: Host: sitestats.ttcportals.com
URL: https://sitestats.ttcportals.com/100864469.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.13 Sherwood, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 2e5ee252edcf6f675dccd4589d07d8c39fdbc534b143f99fea2ee9562abfa54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 127ms
49ms XHR
application/json 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://nfcucareers.ttcportals.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ 245 KB
67 KB 158ms
82ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&v=3.23&channel=&key=AIzaSyCE2-CmcVIZAQ_CtE_PD1WDoPDWw8V45Mw&sensor=false&callback=csns.maps.script.map_loaded_callback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb893541ce2c2ad9d3f10bf907da5ad098b226ef9d4738e5cb174064f1b10c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69024
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:59:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:17:52 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ 155 KB
57 KB 143ms
68ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/util.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab7c9fa5f067ea81be4c24efd6dc2f9d505b2f0f7b9977b602394ad52089c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58610
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:59:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:17:52 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ 90 KB
27 KB 113ms
38ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/controls.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbcfc2def1e2de8fdd1df89bfbee0be01acf6aa3961c4314cf213853f325ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27510
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:59:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:17:52 GMT

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ 46 KB
17 KB 129ms
54ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/places_impl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54040840600e9cce337c2678b5db58a62f57d7b00a92281a5028fd0140d91ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17644
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:59:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:17:52 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B4CC 51 KB
24 KB 112ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s&co=aHR0cHM6Ly9uZmN1Y2FyZWVycy50dGNwb3J0YWxzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=e9jg29rtqv9b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 08:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 08:39:02 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B4CC 366 KB
145 KB 130ms
55ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 09:03:54 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 155ms
46ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Jul 2022 09:31:12 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 153ms
45ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Jul 2022 09:31:12 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B4CC 102 B
132 B 46ms
45ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s&co=aHR0cHM6Ly9uZmN1Y2FyZWVycy50dGNwb3J0YWxzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=e9jg29rtqv9b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 09:31:12 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 064D 7 KB
1 KB 48ms
48ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b2c633600d3fe205f173caffe7469c028c6e98651b5ed1f8b6ca154cabb9ce83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e8vcYhn1xyldmwt-6Q1NOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nfcucareers.ttcportals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1110
content-security-policy: script-src 'report-sample' 'nonce-e8vcYhn1xyldmwt-6Q1NOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 09:31:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 064D 51 KB
24 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 08:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 08:39:02 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 064D 366 KB
145 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 09:03:54 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 064D 38 KB
23 KB 75ms
75ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8807b45ab7e188c9ed051ad8038905dff40d7ccb7a1af2c9f145429abca5b3b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23315
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 09:31:12 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 122ms
40ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: nfcucareers.ttcportals.com
URL: https://nfcucareers.ttcportals.com/jobs/search?ns_content=all_jobs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1657791073.913170,VS0,VE0
date: Thu, 14 Jul 2022 09:31:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 15566

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 064D 600 B
624 B 37ms
37ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 85536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 20 Jul 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 064D 530 B
554 B 38ms
37ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 216425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 18 Jul 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 064D 665 B
689 B 39ms
38ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 52370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 20 Jul 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 064D 15 KB
15 KB 115ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 145471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 064D 15 KB
15 KB 137ms
60ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 216718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Jul 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 064D 15 KB
15 KB 117ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 175355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:48:37 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 064D 28 KB
28 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06ANYolqvMnJ1mLdfX3cAc5CXqMopemnxieGPQdJZUb0A8cgi5zhoJ59qZiuSIU6BtRC-tp6wC5OsGAjzJrJDnkwyAv_AF6yy6_UWIV9XrOJo6cEl0E-17sBH2C4G4TKRZhnzadMLMS0LjTA6IS9LMQDmg6p0YY2d117PRAY4Se8FH7Erh3gJFfXabl3Zza_K4WYUKRqh0vbAo6fwrlwi4DBa5svw6CZAqUQ&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e237896d893654f6d308f30e7740c3594c541be005f1440272077f093f7128c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lck9joUAAAAAHfOQOrCAFdnNJAaolU5WkHOlQ6s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 09:31:12 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29057
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 09:31:12 GMT

GET
H/1.1 200
OK 5911de361c Show response
bam.nr-data.net/1/ 49 B
720 B 275ms
189ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/5911de361c?a=3392915&v=1216.487a282&to=IlsLQktaXltTRhtARwNYDFVmRltDUxteX1ASGxZTWEdRXw%3D%3D&rst=4418&ck=1&ref=https://nfcucareers.ttcportals.com/jobs/search&ap=1042&be=2276&fe=4289&dc=3462&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1657791068523,%22n%22:0,%22f%22:937,%22dn%22:937,%22dne%22:937,%22c%22:937,%22ce%22:937,%22rq%22:938,%22rp%22:2230,%22rpe%22:2337,%22dl%22:2242,%22di%22:3459,%22ds%22:3463,%22de%22:3486,%22dc%22:4289,%22l%22:4289,%22le%22:4292%7D,%22navigation%22:%7B%7D%7D&fp=3102&fcp=3102&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfcucareers.ttcportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 09:31:13 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72a93e7e8a319bf2-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:49:03	Name: _GRECAPTCHA Value: 09ALiR6T-YqEnDlQlV66_uSz4XuOmD7utR0Ru0fPDYSO0OXAbDM6gPS2NVy8eEI-YNmxGfvkCON9BxX1Mg5AcUfos
nfcucareers.ttcportals.com/	1970-01-20 13:15:27	Name: tsid Value: x_312ef14e-bc6c-41a8-a2fc-5c97c4fb58c7
nfcucareers.ttcportals.com/	1970-01-20 04:31:17	Name: referral_source_id_recent Value: 0
nfcucareers.ttcportals.com/	1969-12-31 23:59:59	Name: tid Value: x_45dbf0e6-7938-429c-be2b-f7caff058d13
nfcucareers.ttcportals.com/	1970-01-20 04:31:17	Name: jobs_search_type Value: google
nfcucareers.ttcportals.com/	1969-12-31 23:59:59	Name: g_parent_event_id Value: 77138513-8280-40d2-abe0-aee5bb7a2632
nfcucareers.ttcportals.com/	1969-12-31 23:59:59	Name: g_event_id Value: 6b5e9bdc-8c03-4adc-8214-3d39a052bedb
nfcucareers.ttcportals.com/	1969-12-31 23:59:59	Name: g_request_id Value: a5b48157-48a1-4bdd-bf56-3ca1be8d35cb%3AAPAb7ISMIa0Iqm6GM1muf99MxAOpns8MKA%3D%3D
nfcucareers.ttcportals.com/	1969-12-31 23:59:59	Name: ns_lcache Value:
.linkedin.com/	1970-01-20 05:13:03	Name: UserMatchHistory Value: AQLAIC62mdkUYQAAAYH8DEaadT-HslojZn0ENG4t8w-Yx_qi7u5VsKz30411E2eSnbPzOgJflk3Q1g
.linkedin.com/	1970-01-20 05:13:03	Name: AnalyticsSyncHistory Value: AQILY7M0dTjxrQAAAYH8DEaaAQg52HHyIxfXCgDyS1TDSudoevpAX_KXz2UbaGTXp58nDl8Q8mZjXVxuA90iSw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:01:44	Name: bcookie Value: "v=2&5af128e8-d8c9-4ca6-87cd-29396b44c696"
.linkedin.com/	1970-01-20 04:31:17	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2699:u=1:x=1:i=1657791071:t=1657877471:v=2:sig=AQGZWjbMac2rovIQqSS7WAufLR2CVcxK"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:01:44	Name: bscookie Value: "v=1&202207140931129c297540-add5-4562-8036-735a7181498aAQGCmBTrFAZ_e0IIzTgJ7pGmQDVl6alo"
.linkedin.com/	1970-01-20 21:58:49	Name: li_gc Value: MTswOzE2NTc3OTEwNzI7MjswMjHEXwXB7AN51j9RfFnxYZL2lT4y5DqvIeiTy3Q7MbwgDg==
.nfcucareers.ttcportals.com/	1970-01-20 13:15:27	Name: _jsuid Value: 2304793421
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: aa994d4f6da6c807

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.app.jobvite.com
bam.nr-data.net
code.jquery.com
connect.talemetry.com
dhbhdrzi4tiry.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
nfcucareers.ttcportals.com
px.ads.linkedin.com
px4.ads.linkedin.com
sitestats.ttcportals.com
snap.licdn.com
www.google.com
www.gstatic.com
www.linkedin.com
104.18.30.54
104.18.31.54
13.107.43.14
151.101.2.137
162.247.241.14
18.66.121.35
198.145.13.13
2001:4de0:ac18::1:a:3a
2606:4700::6812:bcf
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a02:26f0:3500:16::215:149b
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08e7d98e767f185bdbdc70bc962d784292f1ba7a6d9230d2cd9a7a841112fa19
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1c32e16801406e67f1d2ceb9f51cb90b3020403b26696baa160a0449027510ee
1e47b880de7de735a853cf17f323c8170b4be05d0efe698522fbc0beeb9f6561
2e5ee252edcf6f675dccd4589d07d8c39fdbc534b143f99fea2ee9562abfa54b
2fc1beff59dbaf7a22ee92a7480830488ffaf2bd7f8a1a579e5e0a93b4fb341e
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
397a3e42eaed04fd0ca36dd40bb087b7ee5a44cc0e6b3479445702af21aedbcc
3a4b1763eca26b0006312c8c109961b5ad1264f0b904bfda24ddcf3ea1908bf9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
419008c0cbc9347bef8128241885e26421e65ce007f27b0dc55efcaae4dcf4a7
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
54040840600e9cce337c2678b5db58a62f57d7b00a92281a5028fd0140d91ce9
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5878201badc9b39a3d01a605a6677320b1dc2b64e71b0ff0cfc5d181ee45dc68
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c74d3440ddd6b56bd97086d330260ffd24c5700d669021350315eaaa1595e6d
5e61885795bef0424ce14da1e390294ffc83412698083f65bc2969ed6181c5b0
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
774e970c30f6a2eba368f3e98fbece9606c3997c0ef2587147580b63770bf664
785ce7736d430089f7297ca1a4c07b253dfd049a08e4f8cf2c0bb1c4f8a79a8f
7d355289542a33f4e6bf843c88980fe9e97bae24a58d6272a99d83dc98e9477d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8807b45ab7e188c9ed051ad8038905dff40d7ccb7a1af2c9f145429abca5b3b1
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c19104d0d950baa7649e3909b0ace0c8cf11abb286b35cf336926f70eff5005
95584f79f7f9453c4e27a91c0d0100d02589f68478bd5d8369d06adb096a2a84
9b290dfdb498eedc047336ab3cc5052e118a1c9ada6b9450dc26a4a157bee3bc
9ff9b28588dada8fe32dc2be43191e383e427b86ac2d74e7623fc55dfe2127a9
a7038454a7695e1116932a2b589da0e369773f5432c97c828fa21722cc2f53f4
af2dc6eecc4fd5c12f88f3bc1c29e161d0e3bcaf2a3d8fe45305e06f66534f49
b2c633600d3fe205f173caffe7469c028c6e98651b5ed1f8b6ca154cabb9ce83
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bb893541ce2c2ad9d3f10bf907da5ad098b226ef9d4738e5cb174064f1b10c13
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c348a504a60bbc4b15dbf6539e2cf16b747155bc80673032be662165a392e5fb
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccbcfc2def1e2de8fdd1df89bfbee0be01acf6aa3961c4314cf213853f325ecd
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d600848d960e1eb8c0acea7ee6c11d8028e4ea2a2846b16d23e4340b6709d3e5
dab7c9fa5f067ea81be4c24efd6dc2f9d505b2f0f7b9977b602394ad52089c1a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dda1e23577758d91734fe21258a8417adacd3397d423410591ad342918f420c7
e237896d893654f6d308f30e7740c3594c541be005f1440272077f093f7128c5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1e558086901b780f131d3a27cdea2b7a8f27993a27c166e27508eeea7709638
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fd17ab6fbf578f14f0139fb0e07742183aa03197ed7fd3eeb4e7003a03f28dde
ffee6c75e2ef6251434dd4264b3cb7fa1b7904cb9a4e6403e1909dcdc8e94be4

nfcucareers.ttcportals.com Open in urlscan Pro 104.18.30.54 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

59 %IPv6

13 Domains

19 Subdomains

16 IPs

4 Countries

2053 kBTransfer

4329 kBSize

19 Cookies

12 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nfcucareers.ttcportals.com Open in urlscan Pro
104.18.30.54 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

16
IPs

4
Countries

2053 kB
Transfer

4329 kB
Size

19
Cookies

60 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!