Submitted URL: http://covidjobs.live/
Effective URL: https://covidjobs.live/
Submission: On May 14 via api from BE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 64.111.106.227, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is covidjobs.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 9th 2020. Valid for: 3 months.
This is the only time covidjobs.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 64.111.106.227 26347 (DREAMHOST-AS)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 35.190.77.218 15169 (GOOGLE)
5 35.186.216.17 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 9
Domain Requested by
5 usercontent.everflowclient.io covidjobs.live
5 covidjobs.live 1 redirects covidjobs.live
3 maxcdn.bootstrapcdn.com covidjobs.live
2 fonts.gstatic.com covidjobs.live
2 fonts.googleapis.com covidjobs.live
1 cookieinfoscript.com covidjobs.live
1 assets.efusercontent.com covidjobs.live
1 code.jquery.com covidjobs.live
19 8

This site contains links to these domains.

Domain
www.nonincent.com
cookieinfoscript.com
Subject | Issuer | Validity | Valid
covidjobs.live | Let's Encrypt Authority X3 | 2020-04-09 - 2020-07-08 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
assets.efusercontent.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-27 - 2021-03-27 | a year
*.everflowclient.io | Go Daddy Secure Certificate Authority - G2 | 2019-09-14 - 2020-11-13 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-12 - 2020-10-09 | a year
upload.video.google.com | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months

This page contains 1 frames:

Primary Page: https://covidjobs.live/
Frame ID: D70B8F98A410C573445D875C5F649D6E
Requests: 22 HTTP requests in this frame

Page URL History

  1. http://covidjobs.live/ HTTP 301
    https://covidjobs.live/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 63 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 3
Transfer: 26077 kB
Size: 26332 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covidjobs.live/ HTTP 301
    https://covidjobs.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covidjobs.live/
Redirect Chain
  • http://covidjobs.live/
  • https://covidjobs.live/
12 KB
4 KB
Document
General
Full URL
https://covidjobs.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.111.106.227 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps608042.dreamhost.com
Software
Apache /
Resource Hash
08d0836125557e107d042d67f102aadd1db5f61ff6cca1eec8c1cabceb67bc57

Request headers

Host
covidjobs.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 14 May 2020 05:21:18 GMT
Server
Apache
Cache-Control
max-age=600
Expires
Thu, 14 May 2020 05:31:18 GMT
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Length
3611
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 14 May 2020 05:21:17 GMT
Server
Apache
Location
https://covidjobs.live/
Cache-Control
max-age=600
Expires
Thu, 14 May 2020 05:31:17 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
192
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bootstrap.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
174 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.css
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
22410
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.css
covidjobs.live/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://covidjobs.live/assets/style.css
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.111.106.227 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps608042.dreamhost.com
Software
Apache /
Resource Hash
db6d0c5ae875ac4c8ec3f6a3977295d3abd261e2fdeb85be055cd2864d61c9a2

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 May 2020 05:21:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 21:22:15 GMT
Server
Apache
ETag
"19b5-5a2e236003bba"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
1841
Expires
Sat, 13 Jun 2020 05:21:18 GMT
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 May 2020 05:21:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-1762a"
Vary
Accept-Encoding
X-HW
1589433678.dop138.fr8.t,1589433678.cds004.fr8.shn,1589433678.cds004.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33202
jquery.cookie.js
covidjobs.live/js/
0
0
Script
General
Full URL
https://covidjobs.live/js/jquery.cookie.js
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.111.106.227 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps608042.dreamhost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 May 2020 05:21:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
253
cashfromhome%20logo.PNG
assets.efusercontent.com/265/offers/1130/thumb/
12 KB
13 KB
Image
General
Full URL
https://assets.efusercontent.com/265/offers/1130/thumb/cashfromhome%20logo.PNG
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.77.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ade3f0a36e82339e71cae2032bd01a6744bb40b5363c2d6cab38138b251ae14f

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUky5NErWZcaQt2ihTN4b5RjLRpQ1PbpD4mt9OBCK1St5Cxl8HhMC-PDWjdiJZ9h9fDiaXRMMVrDE4QouTA5hQ
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
12677
last-modified
Mon, 13 Apr 2020 18:49:03 GMT
server
UploadServer
etag
"e55cddeb47732cbf9cfa89055bc542bd"
x-goog-hash
crc32c=0Dtk1A==, md5=5Vzd60dzLL+c+okFW8VCvQ==
x-goog-generation
1586803743862883
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
12677
accept-ranges
bytes
content-type
image/png
expires
Thu, 14 May 2020 06:21:18 GMT
surveyJunkie.jpg
usercontent.everflowclient.io/265/offers/1127/thumb/
11 KB
12 KB
Image
General
Full URL
https://usercontent.everflowclient.io/265/offers/1127/thumb/surveyJunkie.jpg
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.216.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.216.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0d4a0b59e76a800dfd75f8d776b086847c1868aa03e1c11e3d5c1c68079becb

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUnjsPDY6DIUn5t4s7rpxlCrd7fC5ES9gM9sUd4ru9IVNMF6BVoFwEUyP1Jh7wul8FecNfg1l2yf3UTexuV8isB6LWLGkg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
11535
last-modified
Tue, 12 Nov 2019 19:16:53 GMT
server
UploadServer
etag
"fa50ab6d2407a0e82cbeb8a7f836b96c"
x-goog-hash
crc32c=kTIeMw==, md5=+lCrbSQHoOgsvrin+Da5bA==
x-goog-generation
1573586213439180
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
11535
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 14 May 2020 06:21:18 GMT
SUrvey2cash.png
usercontent.everflowclient.io/265/offers/1126/thumb/
8 KB
9 KB
Image
General
Full URL
https://usercontent.everflowclient.io/265/offers/1126/thumb/SUrvey2cash.png
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.216.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.216.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
863ceaf7ba38267d184672aeeccee2fab3471ecc419cf7285a5bd9f8e6e604d6

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUnZmKF7g18LYrgTu6D0AQoRvB7SF_5EqlyD5tKBK_wtn9E6uhkf6QGdLRXc_Na67W3oAgb-dcWI8UqRZ0Ec4AZdIExnZg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8463
last-modified
Tue, 12 Nov 2019 20:28:18 GMT
server
UploadServer
etag
"63f5b68dfdb7a80d319af6a6a68cd0e3"
x-goog-hash
crc32c=p4k9zQ==, md5=Y/W2jf23qA0xmvampozQ4w==
x-goog-generation
1573590498212176
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
8463
accept-ranges
bytes
content-type
image/png
expires
Thu, 14 May 2020 06:21:18 GMT
inboxdollars.png
usercontent.everflowclient.io/265/offers/1131/thumb/
14 KB
14 KB
Image
General
Full URL
https://usercontent.everflowclient.io/265/offers/1131/thumb/inboxdollars.png
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.216.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.216.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0c6570f59d70ba8e3eebbee3f0f79bea32649b3e12afc96294baf5a92500088b

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUlxw7pscnWFP7bVMC4aKJnsiEtPzOTy9sRScxAjOPaLt2jAN4xQSowNQ6k19hyvDvD9zIXOtFIG5zn_ZpLh07I
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14238
last-modified
Tue, 12 Nov 2019 19:13:02 GMT
server
UploadServer
etag
"962c7cf90e981ce827b8da4a716768f3"
x-goog-hash
crc32c=B59DqQ==, md5=lix8+Q6YHOgnuNpKcWdo8w==
x-goog-generation
1573585982347085
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
14238
accept-ranges
bytes
content-type
image/png
expires
Thu, 14 May 2020 06:21:18 GMT
PineCone.png
usercontent.everflowclient.io/265/offers/1132/thumb/
9 KB
9 KB
Image
General
Full URL
https://usercontent.everflowclient.io/265/offers/1132/thumb/PineCone.png
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.216.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.216.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0fcf621837944541c2e95be97a8652ecd1f1ca7f50ef7bed6533cd6103b44b92

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUklLr-ecbJaTxwuRc3X7pz_O1gBL72qBfyeXjGQoCSd1_ipjAiBdnQEDnKhoxZ4UtnZdsrG0b0I5ibrn34wvrQmHRwW6A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8979
last-modified
Tue, 12 Nov 2019 19:13:35 GMT
server
UploadServer
etag
"88bc7911d4346a9803e8f0142aec0646"
x-goog-hash
crc32c=A2F8sg==, md5=iLx5EdQ0apgD6PAUKuwGRg==
x-goog-generation
1573586015592020
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
8979
accept-ranges
bytes
content-type
image/png
expires
Thu, 14 May 2020 06:21:18 GMT
LifePoints.svg
usercontent.everflowclient.io/265/offers/1128/thumb/
13 KB
14 KB
Image
General
Full URL
https://usercontent.everflowclient.io/265/offers/1128/thumb/LifePoints.svg
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.216.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.216.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a7fc68bf77c92fffe4d97037df4f4fa84e02f14fc8fb7a57de6fa96713d902dd

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
x-guploader-uploadid
AAANsUk8F49SIY0WyROPVKFLWWt6WWhMUHIXUaanJwQfN9iYZ5xNQnS-FLH76Tdatdronyt-eYmsD2VxPLTIMUUfaLj7R-fY4Q
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13706
last-modified
Tue, 12 Nov 2019 19:17:45 GMT
server
UploadServer
etag
"f7f12df1388ac611d2234813ceb90eed"
x-goog-hash
crc32c=/9X4Sw==, md5=9/Et8TiKxhHSI0gTzrkO7Q==
x-goog-generation
1573586265732966
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13706
accept-ranges
bytes
content-type
image/svg+xml
expires
Thu, 14 May 2020 06:21:18 GMT
cookieinfo.min.js
cookieinfoscript.com/js/
7 KB
3 KB
Script
General
Full URL
https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:21d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
content-encoding
br
cf-cache-status
HIT
age
3456
x-amz-meta-cb-modifiedtime
Mon, 26 Feb 2018 13:13:26 GMT
status
200
x-amz-request-id
C1DA7EC65213A5D6
x-amz-id-2
z1GbZ92bxyjlcqJc2dxApeF6ldEnI9ckDpxC70EFrZaSEoya+aO39hluU/ANNCB4GNTLZSP6vzE=
last-modified
Thu, 30 Apr 2020 10:19:01 GMT
server
cloudflare
etag
W/"994ae1f7835fb9fa109c9177bf3a04a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-request-id
02b33a52170000323cc2941200000001
cf-ray
59322cc9bf3e323c-FRA
css
fonts.googleapis.com/
2 KB
660 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 May 2020 05:21:18 GMT
server
ESF
date
Thu, 14 May 2020 05:21:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 May 2020 05:21:18 GMT
css
fonts.googleapis.com/
2 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b0d8b4601f48b0e3f43d4e28bea877cf5f7d7e5c51eb5a27f74daceda50c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covidjobs.live/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 May 2020 05:21:18 GMT
server
ESF
date
Thu, 14 May 2020 05:21:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 May 2020 05:21:18 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://covidjobs.live

Response headers

date
Thu, 14 May 2020 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v31/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oswald
Origin
https://covidjobs.live

Response headers

date
Mon, 11 May 2020 17:33:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 00:19:32 GMT
server
sffe
age
215270
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12672
x-xss-protection
0
expires
Tue, 11 May 2021 17:33:28 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
https://covidjobs.live

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2526859
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
city.mp4
covidjobs.live/img/
25 MB
25 MB
Media
General
Full URL
https://covidjobs.live/img/city.mp4
Requested by
Host: covidjobs.live
URL: https://covidjobs.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.111.106.227 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps608042.dreamhost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://covidjobs.live/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 14 May 2020 05:21:18 GMT
Last-Modified
Thu, 09 Apr 2020 21:06:35 GMT
Server
Apache
ETag
"193aca8-5a2e1fdf99cf8"
Vary
User-Agent
Content-Type
video/mp4
Content-Range
bytes 0-26455207/26455208
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
26455208
Expires
Sat, 16 May 2020 05:21:18 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • function| cookieinfo
  • object| cbinstance
  • function| filterSelection
  • function| w3AddClass
  • function| w3RemoveClass
  • object| btnContainer
  • undefined| btns

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
