urlscan.io logo urlscan.io
SecurityTrails logo

www.123employee.com Open in urlscan Pro
50.116.108.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.articles.123employee.com/
Effective URL: http://www.123employee.com/
Submission: On September 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 14 domains to perform 25 HTTP transactions. The main IP is 50.116.108.82, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.123employee.com.
This is the only time www.123employee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    50.116.108.82 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: hgp.hgportalvps2sep21.com
www.articles.123employee.com
www.123employee.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    151.101.192.65 (United States)

ASN54113 (FASTLY, US)
tag.marinsm.com
1    34.207.72.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-72-187.compute-1.amazonaws.com
my.wickedreports.com
1    13.225.84.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-185.fra2.r.cloudfront.net
d2ieqaiwehnqqp.cloudfront.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.186.147 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f19.1e100.net
ip.itracker360.com
Domain Requested by
7 www.123employee.com www.123employee.com
3 bat.bing.com www.123employee.com
bat.bing.com
2 www.facebook.com www.123employee.com
2 connect.facebook.net www.123employee.com
connect.facebook.net
2 www.google-analytics.com www.123employee.com
www.google-analytics.com
2 www.googletagmanager.com 1 redirects www.123employee.com
1 ip.itracker360.com d2ieqaiwehnqqp.cloudfront.net
1 www.google.de www.123employee.com
1 www.google.com www.123employee.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 d2ieqaiwehnqqp.cloudfront.net www.googletagmanager.com
1 my.wickedreports.com www.googletagmanager.com
1 tag.marinsm.com www.123employee.com
1 www.googleadservices.com www.googletagmanager.com
1 www.articles.123employee.com 1 redirects
25 15

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.123employee.com/
Frame ID: 6CB979281C040D92E5809262F31960FB
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

123employee.com

Page URL History Show full URLs

  1. https://www.articles.123employee.com/ HTTP 301
    http://www.123employee.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

25
Requests

56 %
HTTPS

57 %
IPv6

14
Domains

15
Subdomains

14
IPs

2
Countries

473 kB
Transfer

1140 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.articles.123employee.com/ HTTP 301
    http://www.123employee.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 12
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.123employee.com/
Redirect Chain
  • https://www.articles.123employee.com/
  • http://www.123employee.com/
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
a8737b044adea58b5ec33a471a85226ca42f073ef5a65abf189093d64474d538

Request headers

Host
www.123employee.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Server
Apache
Last-Modified
Sun, 20 Jan 2019 15:45:39 GMT
Accept-Ranges
bytes
Content-Length
3380
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 29 Sep 2021 00:06:50 GMT
Server
Apache
Location
http://www.123employee.com
Content-Length
234
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
ModuleStyleSheets.css
www.123employee.com/css/ 		23 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.123employee.com/css/ModuleStyleSheets.css
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
3b870b7b55d760197d46d3cf704703f3acaff4c5f6ab2b4ce457289e147adfe0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.123employee.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Last-Modified
Fri, 04 Jul 2014 02:35:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23863
style.css
www.123employee.com/css/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.123employee.com/css/style.css
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
ceeaf5ce6354f2a0b7c71bbe9bff4e2c26ff86e60acfa5afce099b04cb66d4f1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.123employee.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Last-Modified
Thu, 31 May 2018 09:57:39 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
38753
logo.png
www.123employee.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.123employee.com/images/logo.png
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
33628ebb86280c77514a5ca9f8ab99fefe1f3df7b61ae81c22f12fa57816a2cc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.123employee.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Last-Modified
Fri, 04 Jul 2014 02:32:53 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12493
1spacer.png
www.123employee.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.123employee.com/images/1spacer.png
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
ae12cd0ce50f9c505d476f9536b32bfe5aa45d9f0a5f2075a2e04374585c13e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.123employee.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Last-Modified
Fri, 04 Jul 2014 02:32:44 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2803
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
  • https://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
115 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a84f286bd551347260b4b570d50c8d40b6ccb82cdda8006d6c0fe0e30e258358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 00:06:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44392
x-xss-protection
0
expires
Wed, 29 Sep 2021 00:06:52 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Date
Wed, 29 Sep 2021 00:06:51 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
welcome.jpg
www.123employee.com/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.123employee.com/images/welcome.jpg
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
dcc5bbc643292a6b0b52dd29d6a6d79716a9bc762218cf58f5464e6f929629ad

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.123employee.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:51 GMT
Last-Modified
Fri, 04 Jul 2014 02:33:37 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
65193
myriadpro-light.woff
www.123employee.com/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.123employee.com/fonts/myriadpro-light.woff
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/css/style.css
Protocol
HTTP/1.1
Server
50.116.108.82 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
hgp.hgportalvps2sep21.com
Software
Apache /
Resource Hash
eea3ead3e9a10973b32261ef9be1682a0f0e69ee0cbd513c5f3a7eb9221a6733

Request headers

Pragma
no-cache
Origin
http://www.123employee.com
Accept-Encoding
gzip, deflate
Host
www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://www.123employee.com/css/style.css
Connection
keep-alive
Referer
http://www.123employee.com/css/style.css
Origin
http://www.123employee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:52 GMT
Last-Modified
Fri, 04 Jul 2014 02:36:04 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
44388
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4795
date
Tue, 28 Sep 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 00:46:57 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Protocol
HTTP/1.1
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 29 Sep 2021 00:06:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14207842493151788310
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
14160
X-XSS-Protection
0
Expires
Wed, 29 Sep 2021 00:06:52 GMT
5233610d05288dad66000029.js
tag.marinsm.com/serve/ 		124 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.marinsm.com/serve/5233610d05288dad66000029.js
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
HTTP/1.1
Server
151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:52 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Encoding
gzip
Content-Length
110
X-Served-By
cache-cdg20728-CDG
Server
Cowboy
X-Timer
S1632874012.134346,VS0,VE164
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
0
trackfu.js
my.wickedreports.com/ui/track/Employee/ 		0
314 B 		Script
General
Check archive.org
Download Go to
Full URL
http://my.wickedreports.com/ui/track/Employee/trackfu.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Protocol
HTTP/1.1
Server
34.207.72.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-72-187.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:52 GMT
Last-Modified
Tue, 23 Oct 2018 08:54:34 GMT
Server
nginx
ETag
"5bcee1ca-0"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ta175151d253deeb5db168454fb7fa6d6.js
d2ieqaiwehnqqp.cloudfront.net/ 		129 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ieqaiwehnqqp.cloudfront.net/ta175151d253deeb5db168454fb7fa6d6.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P6V2VR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2546b3a40143c3ed1ef01a45f6d358040920ac6d5d5d50623df95b81a44bd03f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 00:06:17 GMT
content-encoding
gzip
last-modified
Mon, 25 May 2020 22:37:48 GMT
server
AmazonS3
age
36
etag
W/"2614c27b2a34ec6e918f1afb7f5f4946"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
42jiZgJLbHq0Yy5JQt33M188qRz4h_p3nre7IiUpPpsF_up8E-TjWw==
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 00:06:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref
Ref A: 7A301103F8D94691A82271B61549E49F Ref B: FRAEDGE1312 Ref C: 2021-09-29T00:06:52Z
etag
"080879d5b3d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9985

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
XOTVOVXiTQ4LqB8dpLYSgqT57f1fyd48WjxESBUirJrv3fp3evLec8nWSxvkFgkpx9tWSjyTOcvrJSGgMQREcQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 29 Sep 2021 00:06:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964030899/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964030899/?random=1632874012098&cv=9&fst=1632874012098&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.123employee.com%2F&tiba=123employee.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab2bdb2de2cc05f0ded67ad25c4bf8dcf20cdd171379f7c64d2dfde6e3f3171e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 00:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1002
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1553797641566180
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1553797641566180?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
025be2e6eb465673d92e9dd5ffae6fc18107fbabc63e92b7f80c581025b4a170
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
AXbgNI/0VO0VNQPEU14w4bBbKXEudg8AotnYEmOj7m+RrkfB45Typ4Q8N3IEXWMp6UhdKBaju+qe06RM3yGOqQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 00:06:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5710405.js
bat.bing.com/p/action/ 		0
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5710405.js
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 00:06:51 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 07A170660E544EFC9DFFA11BD16F09DA Ref B: FRAEDGE1312 Ref C: 2021-09-29T00:06:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5710405&Ver=2&mid=c962e04e-82b3-49e9-a5d1-d87dcb275e8f&sid=2610dcc020b911ecaa1517b25f43af68&vid=26110d4020b911ec82eb255eb3a89d31&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=123employee.com&kw=123Employee,%20123%20employee,%20Offshore%20Staffing,%20virtual%20assistant,%20virtual%20assistant%20services&p=http%3A%2F%2Fwww.123employee.com%2F&r=&lt=1779&evt=pageLoad&msclkid=N&sv=1&rn=580454
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 29 Sep 2021 00:06:51 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 0EF7E818800149AA83973F53AC33C1BC Ref B: FRAEDGE1312 Ref C: 2021-09-29T00:06:52Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=520459443&t=pageview&_s=1&dl=http%3A%2F%2Fwww.123employee.com%2F&ul=en-us&de=UTF-8&dt=123employee.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=42657639&gjid=1126914749&cid=1722630039.1632874012&tid=UA-6824754-1&_gid=545231015.1632874012&_r=1&gtm=2wg9r0P6V2VR&z=1639308965
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.123employee.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 00:06:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.123employee.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964030899/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964030899/?random=1632874012098&cv=9&fst=1632873600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=0&url=http%3A%2F%2Fwww.123employee.com%2F&tiba=123employee.com&async=1&fmt=3&is_vtc=1&random=2603689689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 00:06:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964030899/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964030899/?random=1632874012098&cv=9&fst=1632873600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=0&url=http%3A%2F%2Fwww.123employee.com%2F&tiba=123employee.com&async=1&fmt=3&is_vtc=1&random=2603689689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 00:06:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1553797641566180&ev=PageView&dl=http%3A%2F%2Fwww.123employee.com%2F&rl=&if=false&ts=1632874012258&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632874012257.574614058&it=1632874012111&coo=false&exp=p1&rqm=GET
Requested by
Host: www.123employee.com
URL: http://www.123employee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 00:06:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Sep 2021 00:06:52 GMT
/
ip.itracker360.com/ 		13 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ip.itracker360.com/
Requested by
Host: d2ieqaiwehnqqp.cloudfront.net
URL: https://d2ieqaiwehnqqp.cloudfront.net/ta175151d253deeb5db168454fb7fa6d6.js
Protocol
HTTP/1.1
Server
142.250.186.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f19.1e100.net
Software
Google Frontend /
Resource Hash
64292b3511991a550ddde6303b59d977b24760b2c6e5f5ef9e2331a5aae7476e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 00:06:52 GMT
Content-Encoding
gzip
Server
Google Frontend
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
X-Cloud-Trace-Context
304cd7677cb88b087ae21853708e2c03
Cache-Control
no-cache
Content-Length
33
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1553797641566180&ev=Microdata&dl=http%3A%2F%2Fwww.123employee.com%2F&rl=&if=false&ts=1632874013761&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22123employee.com%22%2C%22meta%3Adescription%22%3A%22123employee.com%20-%20123%20employee%20is%20an%20offshore%20outsourcing%20solution%20provider%20based%20in%20the%20philippines%22%2C%22meta%3Akeywords%22%3A%22123Employee%2C%20123%20employee%2C%20Offshore%20Staffing%2C%20virtual%20assistant%2C%20virtual%20assistant%20services%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1632874012257.574614058&it=1632874012111&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.123employee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 00:06:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Sep 2021 00:06:53 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster string| jslang object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _pa object| uetq function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| JSON3 object| _0x3039 function| _0x9ced function| trackerLoad string| os string| str number| c object| iTracker360

9 Cookies

Domain/Path Name / Value
.bing.com/ Name: MUID
Value: 3F38F3609D97613200BAE3A19C4560C5
.123employee.com/ Name: _uetsid
Value: 2610dcc020b911ecaa1517b25f43af68
.123employee.com/ Name: _uetvid
Value: 26110d4020b911ec82eb255eb3a89d31
.123employee.com/ Name: _ga
Value: GA1.2.1722630039.1632874012
.123employee.com/ Name: _gid
Value: GA1.2.545231015.1632874012
.123employee.com/ Name: _gat_UA-6824754-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.123employee.com/ Name: _fbp
Value: fb.1.1632874012257.574614058
.123employee.com/ Name: iTracker360
Value: sou%3Ddirect%7Cmed%3Dnone%7Cter%3D-%7Ccon%3D-%7Ccam%3Ddirect%7Cref%3Dhttp%253A//www.123employee.com/%7Cfirstlpurl%3Dhttp%253A//www.123employee.com/%7Cgcl%3D%7Cgaclientid%3D%7Cleadsource%3Ddirect-none-link%7Cip%3D%7Ccustomfield1%3D%7Ccustomfield2%3D%7Ccustomfield3%3D%7Ccustomfield4%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
connect.facebook.net
d2ieqaiwehnqqp.cloudfront.net
googleads.g.doubleclick.net
ip.itracker360.com
my.wickedreports.com
tag.marinsm.com
www.123employee.com
www.articles.123employee.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.84.185
142.250.185.130
142.250.186.147
151.101.192.65
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.207.72.187
50.116.108.82
025be2e6eb465673d92e9dd5ffae6fc18107fbabc63e92b7f80c581025b4a170
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2546b3a40143c3ed1ef01a45f6d358040920ac6d5d5d50623df95b81a44bd03f
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
33628ebb86280c77514a5ca9f8ab99fefe1f3df7b61ae81c22f12fa57816a2cc
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
3b870b7b55d760197d46d3cf704703f3acaff4c5f6ab2b4ce457289e147adfe0
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
64292b3511991a550ddde6303b59d977b24760b2c6e5f5ef9e2331a5aae7476e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
a84f286bd551347260b4b570d50c8d40b6ccb82cdda8006d6c0fe0e30e258358
a8737b044adea58b5ec33a471a85226ca42f073ef5a65abf189093d64474d538
ab2bdb2de2cc05f0ded67ad25c4bf8dcf20cdd171379f7c64d2dfde6e3f3171e
ae12cd0ce50f9c505d476f9536b32bfe5aa45d9f0a5f2075a2e04374585c13e3
ceeaf5ce6354f2a0b7c71bbe9bff4e2c26ff86e60acfa5afce099b04cb66d4f1
dcc5bbc643292a6b0b52dd29d6a6d79716a9bc762218cf58f5464e6f929629ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea3ead3e9a10973b32261ef9be1682a0f0e69ee0cbd513c5f3a7eb9221a6733
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62