recruitingbypaycor.com Open in urlscan Pro
3.229.136.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
Submission Tags: @phishunt_io
Submission: On January 28 via api (January 28th 2022, 4:20:55 am UTC) from DE — Scanned from DE

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 3.229.136.97, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is recruitingbypaycor.com. The Cisco Umbrella rank of the primary domain is 106559.

This is the only time recruitingbypaycor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	3.229.136.97 3.229.136.97	14618 (AMAZON-AES) (AMAZON-AES)
3 3	13.227.219.46 13.227.219.46	16509 (AMAZON-02) (AMAZON-02)
3	13.225.214.113 13.225.214.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.148.193 199.232.148.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400e:810::2003	15169 (GOOGLE) (GOOGLE)
12	5

5 3.229.136.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-136-97.compute-1.amazonaws.com

recruitingbypaycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.219.46 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-46.ams54.r.cloudfront.net

images.newtonsoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.214.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-113.ewr50.r.cloudfront.net

images.recruitingbypaycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.148.193 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	recruitingbypaycor.com recruitingbypaycor.com — Cisco Umbrella Rank: 106559 images.recruitingbypaycor.com	332 KB
3	newtonsoftware.com 3 redirects images.newtonsoftware.com	871 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5174	198 B
12	5

	Domain	Requested by
5	recruitingbypaycor.com	recruitingbypaycor.com
3	images.recruitingbypaycor.com	recruitingbypaycor.com
3	images.newtonsoftware.com	3 redirects
2	fonts.googleapis.com	recruitingbypaycor.com
1	fonts.gstatic.com	fonts.googleapis.com
1	i.imgur.com	recruitingbypaycor.com
12	6

This site contains links to these domains. Also see Links.

Domain
www.paycor.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
Frame ID: CA261255D8630D37E00756BBA4D288A4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

West Side Beer Distributing - Careerspoweredbypaycor

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

33 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

378 kB
Transfer

380 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paycor.com/recruiting-software
Title: svg { fill:#6d6e71; } svg:hover .swoosh { fill:#f37322; } poweredbypaycor

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://images.newtonsoftware.com/assets/css-standalone-hosted/bootstrap.css HTTP 308
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/bootstrap.css

Request Chain 1

https://images.newtonsoftware.com/assets/css-standalone-hosted/main.css HTTP 308
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/main.css

Request Chain 2

https://images.newtonsoftware.com/assets/css-standalone-hosted/animate-custom.css HTTP 308
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/animate-custom.css

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request CareerHome.action Show response
recruitingbypaycor.com/career/ 46 KB
47 KB 329ms
206ms Document
text/html 3.229.136.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

HTTP/1.1

Server

3.229.136.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-136-97.compute-1.amazonaws.com

Software

Resource Hash

d9bd1cec2801611ec1d6f5dfc648fff4b19a2d7201513c523b0aad497b3f4d0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-control: no-cache="set-cookie"
Content-Language: de-DE
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html;charset=UTF-8
Date: Fri, 28 Jan 2022 04:20:49 GMT
ETag: 186414344
Expires: 0
P3P: CP="This is not a P3P policy! See https://paycor.com/privacy-policy for more info."
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H2

200

bootstrap.css
images.recruitingbypaycor.com/assets/css-standalone-hosted/
Redirect Chain

https://images.newtonsoftware.com/assets/css-standalone-hosted/bootstrap.css
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/bootstrap.css

120 KB
121 KB

464ms
241ms

Stylesheet
text/css

13.225.214.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/bootstrap.css
Requested by: Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
Protocol: H2
Server: 13.225.214.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-113.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e84e20ab9da56a4d12f49ee4a7948f40979b1c43e5d28902c62bdb2131ed7187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:23:31 GMT
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jan 2021 02:34:58 GMT
server: AmazonS3
age: 21440
etag: "1bd18614c0431ba6076625764f4fc487"
x-cache: Hit from cloudfront
x-amz-version-id: WiTKZaDaOgX3If82UKMcGJL75oU8mipO
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: text/css
content-length: 123023
x-amz-cf-id: vU-erwFKdya7T15b3zPPVTeDEwlz6gWNwHg1RV2KRs9NBYqXoty7pQ==

Redirect headers

date: Fri, 28 Jan 2022 04:20:50 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/bootstrap.css
content-length: 180
x-amz-cf-id: hx_dPVCY_hiKFo6M9i3PDa8Tn_NufKOnsN-l1jCiUML3A2g0QNI-qw==

GET
H2

200

main.css
images.recruitingbypaycor.com/assets/css-standalone-hosted/
Redirect Chain

https://images.newtonsoftware.com/assets/css-standalone-hosted/main.css
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/main.css

15 KB
15 KB

460ms
238ms

Stylesheet
text/css

13.225.214.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/main.css
Requested by: Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
Protocol: H2
Server: 13.225.214.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-113.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5448b21b3b9d9420f751a01af011bc84573320a716f22c46037762a76e5fad95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:23:31 GMT
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jan 2021 02:34:58 GMT
server: AmazonS3
age: 21440
etag: "e7fbefa9ac9be2849f6167ef3d577a3e"
x-cache: Hit from cloudfront
x-amz-version-id: 6UbdQ.sPqaVsJheKEctDC4O3tatS5Wzx
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: text/css
content-length: 15202
x-amz-cf-id: ZkEEac0qFvQnioddoLTSPaRi0FWtYhpQzrgzl514DZ-XaOWMma7lOw==

Redirect headers

date: Fri, 28 Jan 2022 04:20:50 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/main.css
content-length: 180
x-amz-cf-id: vHDvQlQUWEJ2ZAToa6077aAlrjDqx1K-Jtp9uL_YtziwuhCS-D1HIA==

GET
H2

200

animate-custom.css
images.recruitingbypaycor.com/assets/css-standalone-hosted/
Redirect Chain

https://images.newtonsoftware.com/assets/css-standalone-hosted/animate-custom.css
https://images.recruitingbypaycor.com/assets/css-standalone-hosted/animate-custom.css

8 KB
8 KB

399ms
174ms

Stylesheet
text/css

13.225.214.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/animate-custom.css
Requested by: Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
Protocol: H2
Server: 13.225.214.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-113.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6131babe57c76b2e8aef8263e47f05f4e960206f590b624e6c8a96aa1bdfafde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: C9.lKPlOdsJ_Ha5yeu5Pzdvc9XNKxS_i
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jan 2021 02:34:58 GMT
server: AmazonS3
age: 4895
etag: "6a66b643f25fd7a8d172a75a9b01413f"
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 28 Jan 2022 02:59:15 GMT
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-length: 8033
x-amz-cf-id: BdJJEL1c3ENR_9QYJcA-Q4sQTNulOwbPKPlZjdPVg5rjYmtzmzeB-w==

Redirect headers

date: Fri, 28 Jan 2022 04:20:50 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://images.recruitingbypaycor.com/assets/css-standalone-hosted/animate-custom.css
content-length: 180
x-amz-cf-id: SzGY1wMw6Kfql70jwledxuI0YmlDYof-jSwQZf_tJKqJrcQUyWGX6Q==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 53ms
20ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 04:17:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 04:20:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 04:20:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
645 B 53ms
21ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,700

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6cc5aa1540c938ece1d8796e251a1cb07caf46bea8c3e402ef5bece6edcaa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 03:34:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 04:20:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 04:20:49 GMT

GET
H/1.1 200 newton.css
recruitingbypaycor.com/career/css/careerv3/ 2 KB
3 KB 205ms
104ms Stylesheet
text/css 3.229.136.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://recruitingbypaycor.com/career/css/careerv3/newton.css

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

HTTP/1.1

Server

3.229.136.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-136-97.compute-1.amazonaws.com

Software

Resource Hash

e1a5ab54abe8be02cff36291de4ba4ffd07e212e63d9703f5297e2dd30431625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:20:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:57:59 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="This is not a P3P policy! See https://paycor.com/privacy-policy for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2387
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 jquery.min.js Show response
recruitingbypaycor.com/career/node_modules/jquery/dist/ 87 KB
88 KB 205ms
104ms Script
application/javascript 3.229.136.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://recruitingbypaycor.com/career/node_modules/jquery/dist/jquery.min.js

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

HTTP/1.1

Server

3.229.136.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-136-97.compute-1.amazonaws.com

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:20:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:57:59 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="This is not a P3P policy! See https://paycor.com/privacy-policy for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 89476
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 sessionStore.js Show response
recruitingbypaycor.com/career/js/careerv3/ 2 KB
3 KB 206ms
104ms Script
application/javascript 3.229.136.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://recruitingbypaycor.com/career/js/careerv3/sessionStore.js

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

HTTP/1.1

Server

3.229.136.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-136-97.compute-1.amazonaws.com

Software

Resource Hash

9cddf26ff8efd195412f3eae81511834341ce21680e4bf7b0c2930d543b08ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:20:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:57:59 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="This is not a P3P policy! See https://paycor.com/privacy-policy for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2038
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 URI.min.js Show response
recruitingbypaycor.com/career/node_modules/urijs/src/ 46 KB
47 KB 207ms
105ms Script
application/javascript 3.229.136.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://recruitingbypaycor.com/career/node_modules/urijs/src/URI.min.js

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

HTTP/1.1

Server

3.229.136.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-136-97.compute-1.amazonaws.com

Software

Resource Hash

5ee6701883196e347f24ddf1662020c854cc106131ec32f64ddafd6acb7d16ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:20:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:57:59 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="This is not a P3P policy! See https://paycor.com/privacy-policy for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 47248
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 403 munAAaI.jpg
i.imgur.com/ 0
198 B 59ms
14ms Image
text/plain 199.232.148.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/munAAaI.jpg

Requested by

Host: recruitingbypaycor.com
URL: http://recruitingbypaycor.com/career/CareerHome.action?clientId=8a7882674f01fe60014f18f8d1520320

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.148.193 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://recruitingbypaycor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:20:50 GMT
server: cat factory 1.0
x-timer: S1643343651.869321,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-ams12752-AMS

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 46ms
15ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://recruitingbypaycor.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:22 GMT
x-content-type-options: nosniff
age: 299968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Jan 2023 17:01:22 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recruitingbypaycor.com/career	1969-12-31 23:59:59	Name: JSESSIONID Value: FD8E32F688311962D328D7CC4468260B
recruitingbypaycor.com/career	1969-12-31 23:59:59	Name: BNI_new_persistence Value: CH3chenp14NrcHfP4XJTuEmwI3LEBp8iSwQo2Ld91A_EdFbgf0xeA9qgV0ii3O57kkcIMhfPTkebLTzwnZC7gQ==
recruitingbypaycor.com/	1970-01-20 00:29:07	Name: AWSELB Value: F97B315D144C6522145699018A52F4A14824D78C603A69AEFCD24010C733C57A974F48AEC081970723EA6B7D48F9D5E24033BC21FA6155D57F3442516CBC80F88F904399F2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.imgur.com/munAAaI.jpg Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
images.newtonsoftware.com
images.recruitingbypaycor.com
recruitingbypaycor.com
13.225.214.113
13.227.219.46
199.232.148.193
2a00:1450:400e:810::2003
2a00:1450:400e:811::200a
3.229.136.97
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
5448b21b3b9d9420f751a01af011bc84573320a716f22c46037762a76e5fad95
5ee6701883196e347f24ddf1662020c854cc106131ec32f64ddafd6acb7d16ce
6131babe57c76b2e8aef8263e47f05f4e960206f590b624e6c8a96aa1bdfafde
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9cddf26ff8efd195412f3eae81511834341ce21680e4bf7b0c2930d543b08ebf
d9bd1cec2801611ec1d6f5dfc648fff4b19a2d7201513c523b0aad497b3f4d0b
e1a5ab54abe8be02cff36291de4ba4ffd07e212e63d9703f5297e2dd30431625
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84e20ab9da56a4d12f49ee4a7948f40979b1c43e5d28902c62bdb2131ed7187
f6cc5aa1540c938ece1d8796e251a1cb07caf46bea8c3e402ef5bece6edcaa2f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

recruitingbypaycor.com Open in urlscan Pro 3.229.136.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

33 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

378 kBTransfer

380 kBSize

3 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

recruitingbypaycor.com Open in urlscan Pro
3.229.136.97 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

33 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

378 kB
Transfer

380 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions