jobjober.de Open in urlscan Pro
2606:4700:30::681b:b4ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jobjober.de/
Effective URL:
https://jobjober.de/
Submission: On October 23 via api (October 23rd 2018, 4:15:56 pm UTC) from US

Summary HTTP 60 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 20 IPs in 8 countries across 22 domains to perform 60 HTTP transactions. The main IP is 2606:4700:30::681b:b4ae, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is jobjober.de.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 20th 2018. Valid for: 6 months.

This is the only time jobjober.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681b:b5ae	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15	2606:4700:30:... 2606:4700:30::681b:b4ae	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:10:... 2606:4700:10::6814:2b5d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
1	2606:4700:30:... 2606:4700:30::681b:934e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:10:... 2606:4700:10::6814:d03b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2606:4700:30:... 2606:4700:30::681c:1450	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	85.10.201.130 85.10.201.130	24940 (HETZNER-AS) (HETZNER-AS)
2	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
1	31.172.81.242 31.172.81.242	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	88.208.41.103 88.208.41.103	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	31.172.81.228 31.172.81.228	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	195.181.175.9 195.181.175.9	60068 (CDN77) (CDN77)
1	195.181.170.17 195.181.170.17	60068 (CDN77) (CDN77)
12 15	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 2	185.33.223.209 185.33.223.209	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
60	20

1 2606:4700:30::681b:b5ae (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

jobjober.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:30::681b:b4ae (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

jobjober.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:2b5d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:90c0:9997::9997 (Austria)

ASN199524 (GCORE, AT)

st-n.tckn-code.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.user-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:934e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

freebitcoincash.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:d03b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:1450 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

coinmedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.coinmedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.10.201.130 (Mörfelden-walldorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85-10-201-130.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.242 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.users-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.208.41.103 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xl-trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.228 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

n.tckn-code.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.9 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com

p1.dircont3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.170.17 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: frankfurt-15.cdn77.com

pix.user-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 31.172.81.158 (Germany) 12 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.user-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.209 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	jobjober.de 1 redirects jobjober.de	118 KB
7	adsniper.ru 7 redirects sync3.adsniper.ru	4 KB
6	user-clicks.com 3 redirects pix.user-clicks.com sync.user-clicks.com	10 KB
6	tckn-code.com st-n.tckn-code.com n.tckn-code.com	44 KB
4	user-api.com cdn.user-api.com	36 KB
4	a-ads.com ad.a-ads.com acceptable.a-ads.com
4	gstatic.com www.gstatic.com fonts.gstatic.com	128 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	sniperlog.ru 3 redirects sync3.sniperlog.ru	2 KB
3	xl-trk.com xl-trk.com	196 B
3	google.com www.google.com	544 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	yandex.ru 1 redirects an.yandex.ru	700 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	596 B
2	dircont3.com p1.dircont3.com	884 B
2	coinmedia.co 1 redirects coinmedia.co s2.coinmedia.co	373 B
2	googleapis.com fonts.googleapis.com	1 KB
2	datatables.net cdn.datatables.net	29 KB
1	users-api.com sync.users-api.com	364 B
1	coinhive.com coinhive.com	69 KB
1	cloudflare.com cdnjs.cloudflare.com	10 KB
1	freebitcoincash.de freebitcoincash.de	9 KB
60	22

	Domain	Requested by
16	jobjober.de	1 redirects jobjober.de
7	sync3.adsniper.ru	7 redirects
5	sync.user-clicks.com	3 redirects jobjober.de
4	cdn.user-api.com	jobjober.de
3	sync.bumlam.com	2 redirects jobjober.de
3	sync3.sniperlog.ru	3 redirects
3	n.tckn-code.com	st-n.tckn-code.com jobjober.de
3	xl-trk.com	jobjober.de
3	fonts.gstatic.com	jobjober.de
3	ad.a-ads.com	jobjober.de
3	st-n.tckn-code.com	jobjober.de n.tckn-code.com
3	www.google.com	jobjober.de www.gstatic.com
2	ib.adnxs.com	2 redirects
2	an.yandex.ru	1 redirects jobjober.de
2	cm.g.doubleclick.net	2 redirects
2	p1.dircont3.com	st-n.tckn-code.com jobjober.de
2	fonts.googleapis.com	jobjober.de
2	cdn.datatables.net	jobjober.de
1	pix.user-clicks.com	st-n.tckn-code.com
1	sync.users-api.com	st-n.tckn-code.com
1	acceptable.a-ads.com	jobjober.de
1	s2.coinmedia.co	jobjober.de
1	coinmedia.co	1 redirects
1	www.gstatic.com	www.google.com
1	coinhive.com	jobjober.de
1	cdnjs.cloudflare.com	jobjober.de
1	freebitcoincash.de	jobjober.de
60	27

This site contains links to these domains. Also see Links.

Domain
cstrsk.de
freebitcoincash.de
www.microsoft.com
fast1track.info
token.ad
faucet.cstrsk.de
twitter.com

Subject Issuer	Validity	Valid
sni196509.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-20` - `2019-04-28`	6 months	crt.sh
ssl748562.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-07-04` - `2019-01-10`	6 months	crt.sh
www.google.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
n.tckn-code.com Let's Encrypt Authority X3	`2018-10-15` - `2019-01-13`	3 months	crt.sh
sni29133.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-20` - `2019-04-28`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
ssl809251.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-15` - `2019-02-21`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
sni43211.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-10` - `2019-03-19`	6 months	crt.sh
*.a-ads.com COMODO RSA Domain Validation Secure Server CA	`2017-11-25` - `2018-11-27`	a year	crt.sh
sync.users-api.com Let's Encrypt Authority X3	`2018-10-15` - `2019-01-13`	3 months	crt.sh
xl-trk.com Let's Encrypt Authority X3	`2018-10-05` - `2019-01-03`	3 months	crt.sh
1088415191.rsc.cdn77.org Let's Encrypt Authority X3	`2018-09-22` - `2018-12-21`	3 months	crt.sh
1398493258.rsc.cdn77.org Let's Encrypt Authority X3	`2018-09-10` - `2018-12-09`	3 months	crt.sh
cdn.user-api.com Let's Encrypt Authority X3	`2018-08-31` - `2018-11-29`	3 months	crt.sh
*.user-clicks.com Let's Encrypt Authority X3	`2018-09-06` - `2018-12-05`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
*.bumlam.com Let's Encrypt Authority X3	`2018-08-06` - `2018-11-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://jobjober.de/
Frame ID: 637BBD6BC4A4C402CB1861254671A823
Requests: 53 HTTP requests in this frame

Frame: https://s2.coinmedia.co/new_code_site101036.js
Frame ID: B65FDE127C66C9C2CDDA3DBD4D53E87D
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/727034?size=728x90
Frame ID: DE9DF22055325675C7E54103162B1E74
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/569149
Frame ID: 3F1D17EA08ADE07EC0BAFF3AF44EC794
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/951072?size=160x600
Frame ID: 9961DEC6A531AD495C2BAB8AF017AFE4
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/699028?size=300x250
Frame ID: E11D1B7792AD464B783F00126D6B8FBF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&co=aHR0cHM6Ly9qb2Jqb2Jlci5kZTo0NDM.&hl=en&v=v1539585139095&size=normal&cb=ytnh18dnvcly
Frame ID: 03097AC5E4C9270326BB864CED1C2072
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1539585139095&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&cb=pvpb9aooekc3
Frame ID: 4617DD33DF897BA003CA781070FB7450
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://jobjober.de/ HTTP 301
https://jobjober.de/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i
env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

60
Requests

92 %
HTTPS

52 %
IPv6

22
Domains

27
Subdomains

20
IPs

8
Countries

454 kB
Transfer

2508 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://cstrsk.de/
Title: CSTRSK Home

Search URL Search Domain Scan URL

URL: https://freebitcoincash.de/
Title: FreeBitcoinCash

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9wzdncrd1ll3
Title: Bitcoins Free

Search URL Search Domain Scan URL

URL: http://fast1track.info/?user_id=182&offer_id=4322&s_trk=Cgh7ANv7jjkAsBDhuqr4BBiwkr3eBQ**&subid2=U0NCLTEwNy1zc3AtOGIwYzJiMzgtYWMyYS00NDRiLTI5M2QtMTU0MDMxMTM0NS1qbmx4bHM5My0xNW5uOjA6NTM4MzkyOjA6MTAw&subacc4=538392

Search URL Search Domain Scan URL

URL: http://fast1track.info/?user_id=182&offer_id=4322&s_trk=Cgh7ANv7jjkAsBDO5sEEGLCSvd4F&subid2=U0NCLTEwNy1zc3AtOGIwYzJiMzgtYWMyYS00NDRiLTI5M2QtMTU0MDMxMTM0NS1qbmx4bHM5My0xNW5uOjA6NTM4MzkyOjA6MTAw&subacc4=538392

Search URL Search Domain Scan URL

URL: http://fast1track.info/?user_id=182&offer_id=4322&s_trk=Cgh7ANv7jjkAsBDPpvsXGLCSvd4F&subid2=U0NCLTEwNy1zc3AtOGIwYzJiMzgtYWMyYS00NDRiLTI5M2QtMTU0MDMxMTM0NS1qbmx4bHM5My0xNW5uOjA6NTM4MzkyOjA6MTAw&subacc4=538392

Search URL Search Domain Scan URL

URL: http://fast1track.info/?user_id=182&offer_id=4400&s_trk=Cgh7ANv7jjkAsBCT6LbSDxiwkr3eBQ**&subid2=U0NCLTEwNy1zc3AtOGIwYzJiMzgtYWMyYS00NDRiLTI5M2QtMTU0MDMxMTM0NS1qbmx4bHM5My0xNW5uOjA6NTM4MzkyOjA6MTAw&subacc4=538392

Search URL Search Domain Scan URL

URL: https://token.ad/

Search URL Search Domain Scan URL

URL: https://faucet.cstrsk.de/
Title: CSTRSK Faucet

Search URL Search Domain Scan URL

URL: https://cstrsk.de/faux/page/Bitcoins-Free
Title: Bitcoins-Free App

Search URL Search Domain Scan URL

URL: https://twitter.com/cstrsk
Title: @cstrsk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jobjober.de/ HTTP 301
https://jobjober.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://coinmedia.co/new_code_site101036.js HTTP 301
https://s2.coinmedia.co/new_code_site101036.js

Request Chain 54

https://sync.user-clicks.com/?src=gp3&cmp=pxleadvisitc3753&act=v3753&cid=A2D4FF&r64=&data64=eydhY3QnOid2Yyd9&ver=1.3.2&cb=0.14814243964709828 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjLyARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjKiARDlVClS1t4R6IbgACWQwGR88gEQcHhsZWFkdmlzaXRjMzc1M_oBBXYzNzUzggIGQTJENEZG HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjKiARDlVCOy1t4R6IpTDMR6bS_v8gEQcHhsZWFkdmlzaXRjMzc1M_oBBXYzNzUzggIGQTJENEZG HTTP 302
https://sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xNDgxNDI0Mzk2NDcwOTgyOFoaCgZkYXRhNjQSEGV5ZGhZM1FuT2lkMll5ZDlaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY*

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&google_tc= HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&google_gid=CAESELu3UFj2yJRM99vJlr6mFro&google_cver=1 HTTP 302
https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABixkr3eBVIFs77ftwdaCAoGZXh0cmExWisKBmV4dHJhMhIhZ3AzLkEyRDRGRi5weGxlYWR2aXNpdGMzNzUzLnYzNzUzYhtDQUVTRUx1M1VGajJ5SlJNOTl2SmxyNm1Gcm9qATE* HTTP 302
https://sync3.sniperlog.ru/?src=ggl&s_data=CAIQABixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiG0NBRVNFTHUzVUZqMnlKUk05OXZKbHI2bUZyb2oBMaIBEOVUI7LW3hHoilMMxHptL-8* HTTP 302
https://sync3.sniperlog.ru/?src=ggl&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiG0NBRVNFTHUzVUZqMnlKUk05OXZKbHI2bUZyb2oBMaIBEOVUI7LW3hHoilMMxHptL-8* HTTP 302
https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?sign=2460921002 HTTP 302
https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?redir-setuniq=1&sign=2460921002

Request Chain 56

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.bumlam.com%2F%3Fsrc%3Dapn3%26extra1%3D%26extra2%3Dgp3.A2D4FF.pxleadvisitc3753.v3753%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.bumlam.com%252F%253Fsrc%253Dapn3%2526extra1%253D%2526extra2%253Dgp3.A2D4FF.pxleadvisitc3753.v3753%2526uid%253D%2524UID HTTP 302
https://sync.bumlam.com/?src=apn3&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&uid=611746609774840707 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFpNTf4gFaCAoGZXh0cmExWisKBmV4dHJhMhIhZ3AzLkEyRDRGRi5weGxlYWR2aXNpdGMzNzUzLnYzNzUzYhI2MTE3NDY2MDk3NzQ4NDA3MDc* HTTP 302
https://sync.bumlam.com/?src=apn3&s_data=CAIQABixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8* HTTP 302
https://sync.bumlam.com/?src=apn3&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8*

Request Chain 57

https://sync.user-clicks.com/?src=gp3&cmp=pxleadvisitc3753&act=v3753&cid=A2D4FF&r64=&ver=1.3.2&cb=0.12139089233254485 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFybie7ARaGQoCY2ISEzAuMTIxMzkwODkyMzMyNTQ0ODVaDAoDdmVyEgUxLjMuMvIBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixkr3eBVIFybie7ARaGQoCY2ISEzAuMTIxMzkwODkyMzMyNTQ0ODVaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY* HTTP 302
https://sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg** HTTP 302
https://sync.user-clicks.com/?src=gp3&s_data=CAIQARixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jobjober.de/
Redirect Chain

http://jobjober.de/
https://jobjober.de/

20 KB
9 KB

516ms
493ms

Document
text/html

2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/5.6.36

Resource Hash

abba127b44571b6d4a555b3b5d6516f190e050ad6b78b1587d265eb86eef8ece

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: jobjober.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 23 Oct 2018 16:15:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-lima-id: zevnf6rx6Uu43YskUg
content-security-policy: upgrade-insecure-requests
x-powered-by: PHP/5.6.36
set-cookie: ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce; expires=Tue, 23-Oct-2018 18:15:44 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 46e5810b5e699774-FRA
content-encoding: gzip

Redirect headers

Date: Tue, 23 Oct 2018 16:15:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; expires=Wed, 23-Oct-19 16:15:43 GMT; path=/; domain=.jobjober.de; HttpOnly _lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58
X-Lima-Id: zeHeOlhrSb0vq1l5fM
Content-Security-Policy: upgrade-insecure-requests
Location: https://jobjober.de/
Server: cloudflare
CF-RAY: 46e5810b17a464db-FRA

GET
H2 200 bootstrap.css
jobjober.de/assets/css/ 124 KB
20 KB 15ms
13ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/bootstrap.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6066104b032d752120a3756fb57a1a4b4d2024de1b6ab3b8b0a6eac437d05a6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/bootstrap.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:11 GMT
server: cloudflare
etag: W/"1400e7-1f01d-5703d995595c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: arQpdCcMlw61qzbpli
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e79269774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 style.css
jobjober.de/assets/css/ 11 KB
3 KB 10ms
9ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/style.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4a31a69e2368730992cdb09635a890dda35dbc62920bffb0e74442cefd78cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/style.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:25 GMT
server: cloudflare
etag: W/"140112-2a75-5703d9a2623e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: arHOpjcqo7jnMYla3B
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e79279774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 font-awesome.min.css
jobjober.de/assets/css/ 17 KB
4 KB 11ms
9ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/font-awesome.min.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/font-awesome.min.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:13 GMT
server: cloudflare
etag: W/"1400ec-4577-5703d997a732b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: ar60zvKNQBVVABSYBb
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e79289774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 flipclock.css
jobjober.de/assets/css/ 10 KB
2 KB 13ms
12ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/flipclock.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e170d2d111addd53d14888a90aa11df43684c0ed1aef5152ff34d0b5dce83c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/flipclock.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:13 GMT
server: cloudflare
etag: W/"1400eb-279f-5703d9975912e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: ar1G9MoZd2aSTJTguR
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e79299774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
S 200 dataTables.bootstrap.min.css
cdn.datatables.net/1.10.13/css/ 4 KB
1 KB 51ms
12ms Stylesheet
text/css 2606:4700:10::6814:2b5d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datatables.net/1.10.13/css/dataTables.bootstrap.min.css
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:2b5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f6d1473458b6d1ba293ab2352d5bed3454082ab106a15ff9516bfcb577514d

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
content-length: 935
last-modified: Tue, 17 Jul 2018 10:18:26 GMT
server: cloudflare
etag: "112005a-105c-5712f4449437a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 46e5810eba24c2d3-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 23 Oct 2019 16:15:44 GMT

GET
S 200 api.js Show response
www.google.com/recaptcha/ 762 B
544 B 16ms
15ms Script
text/javascript 2a00:1450:4001:81a::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

045d0466303c1141e3e24ba1a7ba9aad316015c51b21316497c6f50b4efdb358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 23 Oct 2018 16:15:44 GMT

GET
H2 200 logo.png
jobjober.de/assets/img/ 5 KB
5 KB 15ms
14ms Image
image/png 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobjober.de/assets/img/logo.png

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9eb72b2160145a0574b01f7d9a60ea1487c4066f62b78d3b9eb1b9b09658988

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/img/logo.png
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
cf-cache-status: HIT
status: 200
x-lima-id: ze8gSPbWMVX0WSW339
content-length: 4919
last-modified: Thu, 05 Jul 2018 09:59:34 GMT
server: cloudflare
etag: "14012a-1337-5703d9aba7451"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 46e5810e792a9774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 160x200.jpg
jobjober.de/assets/img/samples/ 3 KB
3 KB 12ms
12ms Image
image/jpeg 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobjober.de/assets/img/samples/160x200.jpg

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff4584820dde7379fc24846686b7a9d18ed19e8d42332ca551472dcca3fa610

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/img/samples/160x200.jpg
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
cf-cache-status: HIT
status: 200
x-lima-id: arNaOHsg8GzCakQINV
content-length: 3213
last-modified: Thu, 05 Jul 2018 09:59:35 GMT
server: cloudflare
etag: "14012b-c8d-5703d9abf370e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 46e5810e792b9774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 fh_logo.png
jobjober.de/assets/img/ 18 KB
18 KB 12ms
11ms Image
image/png 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobjober.de/assets/img/fh_logo.png

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e31d902cfa3121ea405a6de651cf3a1e3169358703547f3345610971b64222

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/img/fh_logo.png
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
cf-cache-status: HIT
status: 200
x-lima-id: ar768m02c3Pn8awnnR
content-length: 18668
last-modified: Thu, 05 Jul 2018 09:59:33 GMT
server: cloudflare
etag: "140123-48ec-5703d9aa5d31d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 46e5810ed9b19774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
S 200 a.js Show response
st-n.tckn-code.com/js/ 48 KB
19 KB 55ms
13ms Script
application/x-javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://st-n.tckn-code.com/js/a.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),

Reverse DNS

Software

nginx /

Resource Hash

235728a37a742caf79d73f39c7947c90783ba875aaa0d118c89d4174f807d401

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc6
date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Oct 2018 14:57:14 GMT
server: nginx
strict-transport-security: max-age=15768000
x-cached-since: 2018-10-23T16:14:23+00:00
content-type: application/x-javascript
status: 200
cache-control: max-age=60
cache: STALE
expires: Tue, 23 Oct 2018 16:16:44 GMT

GET
S 200 script.js Show response
freebitcoincash.de/Privacy-Policy/ 0
9 KB 654ms
569ms Script
text/html 2606:4700:30::681b:934e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://freebitcoincash.de/Privacy-Policy/script.js
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:934e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8

GET
H2 200 jquery.min.js Show response
jobjober.de/assets/js/ 84 KB
31 KB 10ms
9ms Script
application/javascript 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/js/jquery.min.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad77478f8594e99701d9f5960d69da28aaa9cfaf724959fca6137e2db91f7c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/js/jquery.min.js
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 10:00:47 GMT
server: cloudflare
etag: W/"1401fd-14e9f-5703d9f15adc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-lima-id: zeeL8H5mqWVw2wuV6C
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810ed9a99774-FRA
expires: Tue, 30 Oct 2018 16:15:44 GMT

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 28ms
27ms Script
application/javascript 2400:cb00:2048:1::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.001
last-modified: Thu, 17 May 2018 09:27:13 GMT
server: cloudflare
etag: W/"5afd4af1-90b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 46e5810edbd69798-FRA
expires: Sun, 13 Oct 2019 16:15:44 GMT

GET
S 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.13/js/ 81 KB
28 KB 11ms
9ms Script
application/javascript 2606:4700:10::6814:2b5d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:2b5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
content-length: 28202
last-modified: Tue, 17 Jul 2018 10:18:26 GMT
server: cloudflare
etag: "112044c-14473-5712f4449531a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 46e5810eda7bc2d3-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 23 Oct 2019 16:15:44 GMT

GET
H2 200 retina-1.1.0.js Show response
jobjober.de/assets/js/ 4 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/js/retina-1.1.0.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3796f16c6213440e04fd8e9948f136bfd0ea7afa8f962a896e95a445116b381f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/js/retina-1.1.0.js
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 10:00:48 GMT
server: cloudflare
etag: W/"140200-1033-5703d9f24059f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-lima-id: zeRFKbQhsKnc1vg2B7
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810ed9ad9774-FRA
expires: Tue, 30 Oct 2018 16:15:44 GMT

GET
H2 200 custom.js Show response
jobjober.de/assets/js/ 379 B
463 B 14ms
13ms Script
application/javascript 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/js/custom.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

862f109511964dfe5d3d0efb24f4d7388b3e928121c73daadaec612c9e0332db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/js/custom.js
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 10:00:45 GMT
server: cloudflare
etag: W/"1401f6-17b-5703d9ef17c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-lima-id: arPn8VPyxzGEYAMFvm
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810ed9ae9774-FRA
expires: Tue, 30 Oct 2018 16:15:44 GMT

GET
H2 200 flipclock.min.js Show response
jobjober.de/assets/js/ 21 KB
6 KB 14ms
13ms Script
application/javascript 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/js/flipclock.min.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

326c2a740d0a95a689b47763d9161edc5574f383a22f82de0bbd78733877de63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/js/flipclock.min.js
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 10:00:45 GMT
server: cloudflare
etag: W/"1401f7-5283-5703d9ef68d1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-lima-id: ze6jngqs7cZHV6oDaj
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810ed9af9774-FRA
expires: Tue, 30 Oct 2018 16:15:44 GMT

GET
H2 200 jquery.prettyPhoto.js Show response
jobjober.de/assets/js/ 22 KB
6 KB 14ms
12ms Script
application/javascript 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/js/jquery.prettyPhoto.js

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

15852f5e6504eac32a587f44d47bc36f543605e700e292812d9b6ead171602ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/js/jquery.prettyPhoto.js
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 10:00:48 GMT
server: cloudflare
etag: W/"1401fe-5632-5703d9f1b1c64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-lima-id: zeVlBUDRX9wjXVRzJV
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810ed9b09774-FRA
expires: Tue, 30 Oct 2018 16:15:44 GMT

GET
S 200 coinhive.min.js Show response
coinhive.com/lib/ 265 KB
69 KB 10ms
9ms Script
application/javascript 2606:4700:10::6814:d03b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://coinhive.com/lib/coinhive.min.js
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d03b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Oct 2018 11:58:03 GMT
server: cloudflare
status: 200
etag: W/"5bc480cb-423b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=28800
cf-ray: 46e5810edd13977a-FRA
expires: Wed, 24 Oct 2018 00:15:44 GMT

GET
S 200 css
fonts.googleapis.com/ 2 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8d5502baced87f07b76889b11ca5e5f4102a8af763e77ca54614d235c73f2617

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Tue, 23 Oct 2018 16:15:44 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 23 Oct 2018 16:15:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 23 Oct 2018 16:15:44 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
498 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

9d409b1139c699d61e6474e30c7025195829cdc825fb3de854f4b08836d7140d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Tue, 23 Oct 2018 16:15:44 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 23 Oct 2018 16:15:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 23 Oct 2018 16:15:44 GMT

GET
H2 200 prettyPhoto.css
jobjober.de/assets/css/ 19 KB
3 KB 11ms
10ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/prettyPhoto.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce9eaa8b457cb72d0bda6dff1d8a775ccdde58b6f25cfe12ee7769b2a9b8ba1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/prettyPhoto.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:24 GMT
server: cloudflare
etag: W/"140110-4df5-5703d9a1bd34d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: arfB79kAf4dfdZavyr
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e894b9774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
H2 200 hoverex-all.css
jobjober.de/assets/css/ 52 KB
5 KB 31ms
30ms Stylesheet
text/css 2606:4700:30::681b:b4ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://jobjober.de/assets/css/hoverex-all.css

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681b:b4ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25cc0b9260e7db14c48d33f771fd171eff8531522160c78ea4ccc7242aa4bbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /assets/css/hoverex-all.css
pragma: no-cache
cookie: __cfduid=dfe977c6c4faeca64c419460cd51425bf1540311343; _lcp=a; ci_session=fd500f84ed2641e0540e5316c26919fc11e8b1ce
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: jobjober.de
referer: https://jobjober.de/
:scheme: https
:method: GET
Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Jul 2018 09:59:14 GMT
server: cloudflare
etag: W/"1400ed-d18f-5703d99816867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-lima-id: zeSJuKOYhLO1ZYALRx
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
cf-ray: 46e5810e894c9774-FRA
expires: Thu, 22 Nov 2018 16:15:44 GMT

GET
S 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1539585139095/ 253 KB
88 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1539585139095/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1d9b31f5f67e16badbdc143641001337ec5ae1dc8c10722c2f40b95e02f2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Oct 2018 18:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Oct 2018 17:45:00 GMT
server: sffe
age: 509441
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 90059
x-xss-protection: 1; mode=block
expires: Thu, 17 Oct 2019 18:45:03 GMT

GET
H2

200

new_code_site101036.js
s2.coinmedia.co/ Frame B65F
Redirect Chain

https://coinmedia.co/new_code_site101036.js
https://s2.coinmedia.co/new_code_site101036.js

0
0

68ms
30ms

Document
text/html

2606:4700:30::681c:1450
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.coinmedia.co/new_code_site101036.js
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:1450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.17
Resource Hash

Request headers

:method: GET
:authority: s2.coinmedia.co
:scheme: https
:path: /new_code_site101036.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://jobjober.de/
accept-encoding: gzip, deflate
cookie: __cfduid=d8cb36893e2a3480d9bcabced55e3e8861540311344
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

status: 200
date: Tue, 23 Oct 2018 16:15:44 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/5.5.9-1ubuntu4.17
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 46e5810f9d7ec2fb-FRA
content-encoding: gzip

Redirect headers

status: 301
date: Tue, 23 Oct 2018 16:15:44 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d8cb36893e2a3480d9bcabced55e3e8861540311344; expires=Wed, 23-Oct-19 16:15:44 GMT; path=/; domain=.coinmedia.co; HttpOnly
location: https://s2.coinmedia.co/new_code_site101036.js
cf-cache-status: EXPIRED
expires: Tue, 23 Oct 2018 20:15:44 GMT
cache-control: public, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 46e5810f2c1ac2fb-FRA

GET
H/1.1 200
OK 727034
ad.a-ads.com/ Frame DE9D 0
0 39ms
9ms Document
text/html 85.10.201.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/727034?size=728x90

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.10.201.130 Mörfelden-walldorf, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85-10-201-130.clients.your-server.de

Software

nginx/1.10.3 / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://jobjober.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

Server: nginx/1.10.3
Date: Tue, 23 Oct 2018 16:15:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 569149
acceptable.a-ads.com/ Frame 3F1D 0
0 86ms
13ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/569149

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.10.3 / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: acceptable.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://jobjober.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

Server: nginx/1.10.3
Date: Tue, 23 Oct 2018 16:15:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
S 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 13 KB
13 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,900
Origin: https://jobjober.de

Response headers

date: Tue, 02 Oct 2018 06:22:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:58 GMT
server: sffe
age: 1849969
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13604
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 06:22:55 GMT

GET
S 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v12/ 13 KB
13 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b9eb54a7bc036b92da19d3f8253113bb2f9c2c5405939b50bac3444e5e21f369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,700,900
Origin: https://jobjober.de

Response headers

date: Tue, 02 Oct 2018 06:22:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:26:12 GMT
server: sffe
age: 1849980
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13016
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 06:22:44 GMT

GET
S 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,900
Origin: https://jobjober.de

Response headers

date: Mon, 15 Oct 2018 16:54:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 688864
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13944
x-xss-protection: 1; mode=block
expires: Tue, 15 Oct 2019 16:54:40 GMT

GET
S 200 e.js Show response
sync.users-api.com/ 64 B
364 B 49ms
6ms Script
application/x-javascript 31.172.81.242
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.users-api.com/e.js
Requested by: Host: st-n.tckn-code.com
URL: https://st-n.tckn-code.com/js/a.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.242 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 9c20b89ccdbc45f17228831b98621df07568bd5829cab3ea699ed0ddd05fc6ae

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:45 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2017 12:01:01 GMT
server: nginx/1.10.3
status: 200
etag: W/"686897696a7c876b7e1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, immutable, no-transform
access-control-allow-credentials: true

GET
S 204 track.gif
xl-trk.com/ 0
66 B 60ms
12ms Image
text/plain 88.208.41.103
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xl-trk.com/track.gif?a=test_adv_out1
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.41.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 23 Oct 2018 16:15:44 GMT
x-upstream: 192.168.11.101:8085
server: nginx

GET
H/1.1 200
OK 951072
ad.a-ads.com/ Frame 9961 0
0 16ms
14ms Document
text/html 85.10.201.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/951072?size=160x600

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.10.201.130 Mörfelden-walldorf, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85-10-201-130.clients.your-server.de

Software

nginx/1.10.3 / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://jobjober.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

Server: nginx/1.10.3
Date: Tue, 23 Oct 2018 16:15:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 699028
ad.a-ads.com/ Frame E11D 0
0 37ms
13ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/699028?size=300x250

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.10.3 / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://jobjober.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

Server: nginx/1.10.3
Date: Tue, 23 Oct 2018 16:15:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
S 200 a Show response
n.tckn-code.com/ 6 KB
2 KB 105ms
47ms Script
text/javascript 31.172.81.228
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://n.tckn-code.com/a?Id=538392&uid=ssp-8b0c2b38-ac2a-444b-293d-1540311345&sync=0&hours=16&ajax=0&domain=n.tckn-code.com&unq=1&cookies=1&_c=e30%3D&RNum=5078&docurl_=aHV2c3c_NTZyeGx1e29zwoE-dXdC&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjowLCJkYXRlIjoiMjAxOC0xMC0yM1QxNjoxNTo0NC41MDlaIiwiaG91ciI6MTYsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IkZhdWNldCUyMENNUyIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=0
Requested by: Host: st-n.tckn-code.com
URL: https://st-n.tckn-code.com/js/a.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.228 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: d523113d9b070ec0cf7a5a5f270f89101d4d371e10615a5742cae6d294f86f76

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 23 Oct 2018 16:15:46 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
S 200 t.js Show response
st-n.tckn-code.com/js/ 45 KB
17 KB 13ms
12ms Script
application/x-javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://st-n.tckn-code.com/js/t.js

Requested by

Host: n.tckn-code.com
URL: https://n.tckn-code.com/a?Id=538392&uid=ssp-8b0c2b38-ac2a-444b-293d-1540311345&sync=0&hours=16&ajax=0&domain=n.tckn-code.com&unq=1&cookies=1&_c=e30%3D&RNum=5078&docurl_=aHV2c3c_NTZyeGx1e29zwoE-dXdC&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjowLCJkYXRlIjoiMjAxOC0xMC0yM1QxNjoxNTo0NC41MDlaIiwiaG91ciI6MTYsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IkZhdWNldCUyMENNUyIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=0

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),

Reverse DNS

Software

nginx /

Resource Hash

3f13cf80fa208659818b7ad3ec8de52e15f8f8ce3eb73abe4689c7a631524dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc6
date: Tue, 23 Oct 2018 16:15:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Oct 2018 14:57:14 GMT
server: nginx
strict-transport-security: max-age=15768000
x-cached-since: 2018-10-23T16:15:03+00:00
content-type: application/x-javascript
status: 200
cache-control: max-age=60
cache: HIT
expires: Tue, 23 Oct 2018 16:16:45 GMT

GET
S 200 nvk.js Show response
p1.dircont3.com/ 323 B
469 B 65ms
6ms Script
application/javascript 195.181.175.9
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://p1.dircont3.com/nvk.js

Requested by

Host: st-n.tckn-code.com
URL: https://st-n.tckn-code.com/js/t.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.181.175.9 , United Kingdom, ASN60068 (CDN77, GB),

Reverse DNS

frankfurt-2.cdn77.com

Software

CDN77-Turbo /

Resource Hash

fcfe68e6fa10cf5e79c3f34d1521adfb54513f637b9ff669cde8134123267fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:45 GMT
content-encoding: gzip
last-modified: Thu, 26 Apr 2018 17:10:33 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: W/"5ae20809-143"
strict-transport-security: max-age=604800
x-cache: HIT
content-type: application/javascript
status: 200
x-edge-ip: 195.181.175.2
x-age: 117773

GET
S 200 pix_o_2989c12bbe64bf9ea5766deb25d5f63b.js Show response
pix.user-clicks.com/js/ 30 KB
7 KB 88ms
6ms Script
application/javascript 195.181.170.17
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.user-clicks.com/js/pix_o_2989c12bbe64bf9ea5766deb25d5f63b.js
Requested by: Host: st-n.tckn-code.com
URL: https://st-n.tckn-code.com/js/t.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.181.170.17 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-15.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 66a9222f0a423b2b856ab6ab7b4ee5377f1093688b9a247a6b86642e5c10e204

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 23 Oct 2018 16:15:45 GMT
content-encoding: gzip
last-modified: Sat, 13 Oct 2018 13:28:30 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: W/"5bc1f2fe-77b8"
x-cache: HIT
content-type: application/javascript
status: 200
x-edge-ip: 195.181.170.15
x-age: 873977

GET
S 200 img_150x100.jpg
cdn.user-api.com/r/5b8390c3287f3eca488b551e/ 21 KB
21 KB 67ms
11ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.user-api.com/r/5b8390c3287f3eca488b551e/img_150x100.jpg
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 5953bff76cab257d780a0f8616082e7a3caffacad33bc488d480417fa3c8dc0c

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc16
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Mon, 27 Aug 2018 05:49:02 GMT
server: nginx
etag: "5b8390ce-54c8"
status: 200
x-cached-since: 2018-10-22T10:37:53+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: HIT
accept-ranges: bytes
access-control-allow-headers: *
content-length: 21704

GET
S 200 img_150x100.jpg
cdn.user-api.com/r/5b7e8409287f3ede488b5331/ 3 KB
4 KB 66ms
11ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.user-api.com/r/5b7e8409287f3ede488b5331/img_150x100.jpg
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d448efd48a4214de5d1030901be9cadbb7ab09f3b60fefc9f39c73ba2f50062b

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc16
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Thu, 23 Aug 2018 09:53:31 GMT
server: nginx
etag: "5b7e841b-dea"
status: 200
x-cached-since: 2018-10-22T20:45:09+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: HIT
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3562

GET
S 200 img_150x100.jpg
cdn.user-api.com/r/5b7e819f287f3e29678b534e/ 5 KB
5 KB 70ms
16ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.user-api.com/r/5b7e819f287f3e29678b534e/img_150x100.jpg
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 7d75fd8914647ced95f215bc5f988bfa7aa32b58487044db2383904f830424ba

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc16
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Thu, 23 Aug 2018 09:43:08 GMT
server: nginx
etag: "5b7e81ac-1431"
status: 200
x-cached-since: 2018-10-23T10:20:54+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: HIT
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5169

GET
S 200 img_150x100.jpg
cdn.user-api.com/r/5ba21e86287f3efd658b4ff1/ 5 KB
5 KB 90ms
36ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.user-api.com/r/5ba21e86287f3efd658b4ff1/img_150x100.jpg
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 625771f29980589056dcecfb22662810f2f036bcf87e9f045e7951eba96479a0

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc16
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Wed, 19 Sep 2018 10:02:05 GMT
server: nginx
etag: "5ba21e9d-147f"
status: 200
x-cached-since: 2018-10-19T13:16:07+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: REVALIDATED
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5247

GET
S 200 tokenad-light-mini.png
st-n.tckn-code.com/i/logo/ 6 KB
7 KB 12ms
10ms Image
image/png 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st-n.tckn-code.com/i/logo/tokenad-light-mini.png

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),

Reverse DNS

Software

nginx /

Resource Hash

58b9a80fa864e1aa8edbf848b7afa771a5c8bd0adc1c49a38935fffbac28d743

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: nkf-up-gc6
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Tue, 30 Jan 2018 14:25:33 GMT
server: nginx
strict-transport-security: max-age=15768000
x-cached-since: 2018-10-23T16:14:55+00:00
content-type: image/png
status: 200
cache-control: max-age=60
cache: HIT
accept-ranges: bytes
content-length: 6430
expires: Tue, 23 Oct 2018 16:16:45 GMT

GET
S 200 st
n.tckn-code.com/ 119 B
119 B 8ms
7ms Image
image/png 31.172.81.228
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.tckn-code.com/st?d=eyJ0aW1lIjoxNTQwMzExMzQ1LCJhZG5faWQiOjQzLCJhZHRfaWQiOjEsImNvZGVfaWQiOjUzODM5Miwic2l0ZV9pZCI6MzIxMjExLCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjR4MSJ9
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.228 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Oct 2018 16:15:46 GMT
server: nginx/1.10.3
status: 200
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: image/png
content-length: 119

GET
S 204 track.gif
xl-trk.com/ 0
65 B 12ms
11ms Image
text/plain 88.208.41.103
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xl-trk.com/track.gif?a=build_test1&b=ssp-8b0c2b38-ac2a-444b-293d-1540311345&c=538392&d=0&e=https%3A
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.41.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 23 Oct 2018 16:15:45 GMT
x-upstream: 192.168.11.101:8085
server: nginx

GET
S 200 stv
n.tckn-code.com/ 119 B
119 B 8ms
7ms Image
image/png 31.172.81.228
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.tckn-code.com/stv?d=eyJ0aW1lIjoxNTQwMzExMzQ1LCJhZG5faWQiOjQzLCJhZHRfaWQiOjEsImNvZGVfaWQiOjUzODM5Miwic2l0ZV9pZCI6MzIxMjExLCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjR4MSJ9
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.228 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Oct 2018 16:15:46 GMT
server: nginx/1.10.3
status: 200
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: image/png
content-length: 119

GET
S 204 track.gif
xl-trk.com/ 0
65 B 12ms
12ms Image
text/plain 88.208.41.103
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xl-trk.com/track.gif?a=visibility_test1&b=ssp-8b0c2b38-ac2a-444b-293d-1540311345&c=538392&d=0&e=https%3A
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.41.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 23 Oct 2018 16:15:45 GMT
x-upstream: 192.168.11.101:8085
server: nginx

GET
BLOB 200
OK 1afee92c-6367-451f-bd81-1ce95bfdfa3c
https://jobjober.de/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobjober.de/1afee92c-6367-451f-bd81-1ce95bfdfa3c
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 1afee92c-6367-451f-bd81-1ce95bfdfa3c
https://jobjober.de/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobjober.de/1afee92c-6367-451f-bd81-1ce95bfdfa3c
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 1afee92c-6367-451f-bd81-1ce95bfdfa3c
https://jobjober.de/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobjober.de/1afee92c-6367-451f-bd81-1ce95bfdfa3c
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 1afee92c-6367-451f-bd81-1ce95bfdfa3c
https://jobjober.de/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobjober.de/1afee92c-6367-451f-bd81-1ce95bfdfa3c
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 1afee92c-6367-451f-bd81-1ce95bfdfa3c
https://jobjober.de/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobjober.de/1afee92c-6367-451f-bd81-1ce95bfdfa3c
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 0309 0
0 36ms
36ms Document
text/html 2a00:1450:4001:81a::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&co=aHR0cHM6Ly9qb2Jqb2Jlci5kZTo0NDM.&hl=en&v=v1539585139095&size=normal&cb=ytnh18dnvcly

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1539585139095/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z2MqeEe63LyIGd1FFuEA1WdfnzM' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&co=aHR0cHM6Ly9qb2Jqb2Jlci5kZTo0NDM.&hl=en&v=v1539585139095&size=normal&cb=ytnh18dnvcly
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://jobjober.de/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Oct 2018 16:15:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-z2MqeEe63LyIGd1FFuEA1WdfnzM' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11754
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 nvk.png
p1.dircont3.com/ 68 B
415 B 127ms
126ms Image
image/png 195.181.175.9
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.dircont3.com/nvk.png?ut=o3jig6uhhth

Requested by

Host: jobjober.de
URL: https://jobjober.de/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.181.175.9 , United Kingdom, ASN60068 (CDN77, GB),

Reverse DNS

frankfurt-2.cdn77.com

Software

CDN77-Turbo /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Oct 2018 16:15:45 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: "afcb011cfe6b924f202ee9544f17f631b32a01b1"
strict-transport-security: max-age=604800
x-cache: MISS
content-type: image/png; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-edge-ip: 195.181.175.2
content-length: 68
expires: 0

GET
H/1.1

200
OK

/
sync.user-clicks.com/
Redirect Chain

https://sync.user-clicks.com/?src=gp3&cmp=pxleadvisitc3753&act=v3753&cid=A2D4FF&r64=&data64=eydhY3QnOid2Yyd9&ver=1.3.2&cb=0.14814243964709828
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjLyARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZ...
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjKiARDlVClS1t4R6IbgACWQwGR88gEQcHhsZWFkdml...
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhixkr3eBVIFybie7ARaGQoCY2ISEzAuMTQ4MTQyNDM5NjQ3MDk4MjhaGgoGZGF0YTY0EhBleWRoWTNRbk9pZDJZeWQ5WgwKA3ZlchIFMS4zLjKiARDlVCOy1t4R6IpTDMR6bS_v8gEQcHhsZWFkdml...
https://sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xNDgxNDI0Mzk2NDcwOTgyOFoaCgZkYXRhNjQSEGV5ZGhZM1FuT2lkMll5ZDlaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMz...

43 B
434 B

6ms
6ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xNDgxNDI0Mzk2NDcwOTgyOFoaCgZkYXRhNjQSEGV5ZGhZM1FuT2lkMll5ZDlaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY*
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xNDgxNDI0Mzk2NDcwOTgyOFoaCgZkYXRhNjQSEGV5ZGhZM1FuT2lkMll5ZDlaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY*
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
S

404

639E21A7A68A5FB7
an.yandex.ru/setud/adsniper/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&google_tc=
https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&google_gid=CAESELu3UFj2yJRM99vJlr6mFro&google_cver=1
https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABixkr3eBVIFs77ftwdaCAoGZXh0cmExWisKBmV4dHJhMhIhZ3AzLkEyRDRGRi5weGxlYWR2aXNpdGMzNzUzLnYzNzUzYhtDQUVTRUx1M1VGajJ5SlJNOTl2SmxyNm1Gcm9qATE*
https://sync3.sniperlog.ru/?src=ggl&s_data=CAIQABixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiG0NBRVNFTHUzVUZqMnlKUk05OXZKbHI2bUZyb2oBMaIBEOVUI7LW3hHoilMMxHptL-8*
https://sync3.sniperlog.ru/?src=ggl&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiG0NBRVNFTHUzVUZqMnlKUk05OXZKbHI2bUZyb2oBMaIBEOVUI7LW3hHoilMMxHptL-8*
https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?sign=2460921002
https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?redir-setuniq=1&sign=2460921002

43 B
290 B

35ms
35ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?redir-setuniq=1&sign=2460921002
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Tue, 23 Oct 2018 16:15:45 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 404
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Tue, 23 Oct 2018 16:15:45 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Oct 2018 16:15:45 GMT
last-modified: Tue, 23 Oct 2018 16:15:45 GMT
server: nginx/1.12.2
status: 302
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/639E21A7A68A5FB7?redir-setuniq=1&sign=2460921002
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 23 Oct 2018 16:15:45 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.bumlam.com%2F%3Fsrc%3Dapn3%26extra1%3D%26extra2%3Dgp3.A2D4FF.pxleadvisitc3753.v3753%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.bumlam.com%252F%253Fsrc%253Dapn3%2526extra1%253D%2526extra2%253Dgp3.A2D4FF.pxleadvisitc3753.v3753%2526uid%253D%2524UID
https://sync.bumlam.com/?src=apn3&extra1=&extra2=gp3.A2D4FF.pxleadvisitc3753.v3753&uid=611746609774840707
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFpNTf4gFaCAoGZXh0cmExWisKBmV4dHJhMhIhZ3AzLkEyRDRGRi5weGxlYWR2aXNpdGMzNzUzLnYzNzUzYhI2MTE3NDY2MDk3NzQ4NDA3MDc*
https://sync.bumlam.com/?src=apn3&s_data=CAIQABixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8*
https://sync.bumlam.com/?src=apn3&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8*

43 B
434 B

6ms
6ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=apn3&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8*
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=apn3&s_data=CAIQARixkr3eBVoICgZleHRyYTFaKwoGZXh0cmEyEiFncDMuQTJENEZGLnB4bGVhZHZpc2l0YzM3NTMudjM3NTNiEjYxMTc0NjYwOTc3NDg0MDcwN6IBEOVUI7LW3hHoilMMxHptL-8*
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
sync.user-clicks.com/
Redirect Chain

https://sync.user-clicks.com/?src=gp3&cmp=pxleadvisitc3753&act=v3753&cid=A2D4FF&r64=&ver=1.3.2&cb=0.12139089233254485
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixkr3eBVIFybie7ARaGQoCY2ISEzAuMTIxMzkwODkyMzMyNTQ0ODVaDAoDdmVyEgUxLjMuMvIBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixkr3eBVIFybie7ARaGQoCY2ISEzAuMTIxMzkwODkyMzMyNTQ0ODVaDAoDdmVyEgUxLjMuMqIBEOVUI7LW3hHoilMMxHptL-_yARBweGxlYWR2aXNpdGMzNzUz-gEFdjM3NTOCAgZBMkQ0RkY*
https://sync.user-clicks.com/?src=gp3&s_data=CAIQABixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**
https://sync.user-clicks.com/?src=gp3&s_data=CAIQARixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**

43 B
434 B

6ms
6ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.user-clicks.com/?src=gp3&s_data=CAIQARixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**
Requested by: Host: jobjober.de
URL: https://jobjober.de/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://jobjober.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 23 Oct 2018 16:15:45 GMT
Server: nginx
ETag: e55423b2-d6de-11e8-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.user-clicks.com/?src=gp3&s_data=CAIQARixkr3eBVoZCgJjYhITMC4xMjEzOTA4OTIzMzI1NDQ4NVoMCgN2ZXISBTEuMy4yogEQ5VQjstbeEeiKUwzEem0v7_IBEHB4bGVhZHZpc2l0YzM3NTP6AQV2Mzc1M4ICBkEyRDRGRg**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 4617 0
0 28ms
27ms Document
text/html 2a00:1450:4001:81a::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1539585139095&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&cb=pvpb9aooekc3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1539585139095/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y85LJJJenjuQaENG/0OHFeIDu98' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1539585139095&k=6LcnPBQUAAAAAPlum90OVunFzmE3cFVvPLsxB6Ib&cb=pvpb9aooekc3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://jobjober.de/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://jobjober.de/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Oct 2018 16:15:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y85LJJJenjuQaENG/0OHFeIDu98' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1127
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coinmedia.co/	1970-01-19 04:37:27	Name: __cfduid Value: d8cb36893e2a3480d9bcabced55e3e8861540311344
.jobjober.de/	1970-01-18 19:53:17	Name: 2989c12bbe64bf9ea5766deb25d5f63b_vc Value: 1
.jobjober.de/	1970-01-18 19:52:19	Name: SC_unique_538392 Value: 1
.jobjober.de/	1970-01-18 19:53:17	Name: 2989c12bbe64bf9ea5766deb25d5f63b_hits Value: 1
jobjober.de/	1970-01-18 19:51:58	Name: ci_session Value: fd500f84ed2641e0540e5316c26919fc11e8b1ce
jobjober.de/	1970-01-24 10:54:32	Name: _lcp Value: a
.jobjober.de/	1970-01-19 04:37:27	Name: __cfduid Value: dfe977c6c4faeca64c419460cd51425bf1540311343

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acceptable.a-ads.com
ad.a-ads.com
an.yandex.ru
cdn.datatables.net
cdn.user-api.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
coinhive.com
coinmedia.co
fonts.googleapis.com
fonts.gstatic.com
freebitcoincash.de
ib.adnxs.com
jobjober.de
n.tckn-code.com
p1.dircont3.com
pix.user-clicks.com
s2.coinmedia.co
st-n.tckn-code.com
sync.bumlam.com
sync.user-clicks.com
sync.users-api.com
sync3.adsniper.ru
sync3.sniperlog.ru
www.google.com
www.gstatic.com
xl-trk.com
148.251.53.118
185.33.223.209
195.181.170.17
195.181.175.9
216.58.205.226
2400:cb00:2048:1::6813:c497
2606:4700:10::6814:2b5d
2606:4700:10::6814:d03b
2606:4700:30::681b:934e
2606:4700:30::681b:b4ae
2606:4700:30::681b:b5ae
2606:4700:30::681c:1450
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::200a
2a02:6b8::90
2a03:90c0:9997::9997
31.172.81.158
31.172.81.160
31.172.81.228
31.172.81.242
85.10.201.130
88.208.41.103
045d0466303c1141e3e24ba1a7ba9aad316015c51b21316497c6f50b4efdb358
15852f5e6504eac32a587f44d47bc36f543605e700e292812d9b6ead171602ff
235728a37a742caf79d73f39c7947c90783ba875aaa0d118c89d4174f807d401
2ad77478f8594e99701d9f5960d69da28aaa9cfaf724959fca6137e2db91f7c8
326c2a740d0a95a689b47763d9161edc5574f383a22f82de0bbd78733877de63
3796f16c6213440e04fd8e9948f136bfd0ea7afa8f962a896e95a445116b381f
3e170d2d111addd53d14888a90aa11df43684c0ed1aef5152ff34d0b5dce83c3
3f13cf80fa208659818b7ad3ec8de52e15f8f8ce3eb73abe4689c7a631524dc6
41e31d902cfa3121ea405a6de651cf3a1e3169358703547f3345610971b64222
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b9a80fa864e1aa8edbf848b7afa771a5c8bd0adc1c49a38935fffbac28d743
5953bff76cab257d780a0f8616082e7a3caffacad33bc488d480417fa3c8dc0c
6066104b032d752120a3756fb57a1a4b4d2024de1b6ab3b8b0a6eac437d05a6d
625771f29980589056dcecfb22662810f2f036bcf87e9f045e7951eba96479a0
66a9222f0a423b2b856ab6ab7b4ee5377f1093688b9a247a6b86642e5c10e204
7d75fd8914647ced95f215bc5f988bfa7aa32b58487044db2383904f830424ba
862f109511964dfe5d3d0efb24f4d7388b3e928121c73daadaec612c9e0332db
8d5502baced87f07b76889b11ca5e5f4102a8af763e77ca54614d235c73f2617
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9c20b89ccdbc45f17228831b98621df07568bd5829cab3ea699ed0ddd05fc6ae
9d409b1139c699d61e6474e30c7025195829cdc825fb3de854f4b08836d7140d
abba127b44571b6d4a555b3b5d6516f190e050ad6b78b1587d265eb86eef8ece
b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b
b5f6d1473458b6d1ba293ab2352d5bed3454082ab106a15ff9516bfcb577514d
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
b9eb54a7bc036b92da19d3f8253113bb2f9c2c5405939b50bac3444e5e21f369
bce9eaa8b457cb72d0bda6dff1d8a775ccdde58b6f25cfe12ee7769b2a9b8ba1
be4a31a69e2368730992cdb09635a890dda35dbc62920bffb0e74442cefd78cb
c1d9b31f5f67e16badbdc143641001337ec5ae1dc8c10722c2f40b95e02f2631
c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
d25cc0b9260e7db14c48d33f771fd171eff8531522160c78ea4ccc7242aa4bbc
d448efd48a4214de5d1030901be9cadbb7ab09f3b60fefc9f39c73ba2f50062b
d523113d9b070ec0cf7a5a5f270f89101d4d371e10615a5742cae6d294f86f76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847
eff4584820dde7379fc24846686b7a9d18ed19e8d42332ca551472dcca3fa610
f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e
f9eb72b2160145a0574b01f7d9a60ea1487c4066f62b78d3b9eb1b9b09658988
fcfe68e6fa10cf5e79c3f34d1521adfb54513f637b9ff669cde8134123267fe0

jobjober.de Open in urlscan Pro 2606:4700:30::681b:b4ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

92 %HTTPS

52 %IPv6

22 Domains

27 Subdomains

20 IPs

8 Countries

454 kBTransfer

2508 kBSize

7 Cookies

11 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

jobjober.de Open in urlscan Pro
2606:4700:30::681b:b4ae Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

92 %
HTTPS

52 %
IPv6

22
Domains

27
Subdomains

20
IPs

8
Countries

454 kB
Transfer

2508 kB
Size

7
Cookies

60 HTTP transactions
0 data transactions