app.jobprotocol.xyz Open in urlscan Pro
104.19.240.93  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 1657181086352x910308471740039200 Show response app.jobprotocol.xyz//confirm_referral/	10 KB 5 KB	622ms 526ms	Document text/html	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 376f44fb8cce1ac6d21d101a10562d5f558466e1853877595ea0a8f06f248e3a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 726f424dac5199ce-CDG Connection keep-alive Content-Encoding br Content-Type text/html Date Thu, 07 Jul 2022 08:37:35 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked cache-control no-store referrer-policy origin vary Accept-Encoding x-bubble-capacity-limit 0 ms slower x-bubble-capacity-used 0.21 unit-seconds used x-bubble-perf {"total":316.5,"percents":{"top":{"bubble_cpu":14,"block":85.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":4.1,"pp_wait_userdb":0,"http_request":0,"serverjson":6.3,"appserver_cache_misses_time":0,"redis":17.3,"fiber_queue":1.6,"capacity_wait":0.6}},"counts":{"pp_userdb":4,"http_request":0,"derived_build":0,"derived_cache_attempts":5,"derived_cache_memory_misses":5,"serverjson":43,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":54,"fiber_queue":59,"blocks":58},"misc":{"userdb_results":3,"userdb_data":281,"spent_time":13654970,"derived_build_time_spent":0}} x-powered-by Express
GET H2	200	early.js Show response dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse/	23 KB 10 KB	91ms 23ms	Script application/javascript	2600:9000:2250:5e00:b:9da4:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse/early.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5e00:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Express Resource Hash 8925f1e8a34a8944098b7073f62d681d67ee3d3619a04dba9032b2618d6d0f00 Request headers Referer https://app.jobprotocol.xyz/ Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 02 Mar 2022 19:02:03 GMT content-encoding gzip cf-cache-status MISS x-bubble-perf {"total":7.6,"percents":{"top":{"bubble_cpu":60.2,"block":26.4,"capacity_rl":0,"other_pause":0,"pre_fiber":6.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":12.2,"fiber_queue":2.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":1,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":682621,"derived_build_time_spent":0}} age 10935332 x-powered-by Express x-cache Hit from cloudfront x-bubble-capacity-used 0.011 unit-seconds used content-length 8712 timing-allow-origin * access-control-allow-origin * server cloudflare etag dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-amz-cf-pop FRA60-P2 accept-ranges bytes cf-ray 6e5c626ffc17690a-FRA x-amz-cf-id 49KQjvJuQV3y_n7AxHLzib7wwkQ3hZ1jeyHNG3aVnTsVA6qKxWI80w== x-bubble-capacity-limit 0 ms slower
GET H2	200	run.css dhtiece9044ep.cloudfront.net/package/run_css/cc8912c6fd8944d8c57ee29c1c3750842477752b17993aeea6c385a951c62095/jobprotocol/live/confirm_referral/xfalse/xfalse/	87 KB 16 KB	94ms 27ms	Stylesheet text/css	2600:9000:2250:5e00:b:9da4:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dhtiece9044ep.cloudfront.net/package/run_css/cc8912c6fd8944d8c57ee29c1c3750842477752b17993aeea6c385a951c62095/jobprotocol/live/confirm_referral/xfalse/xfalse/run.css Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5e00:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Express Resource Hash 78bafe6f987f7ec5d75a15675f925a66901cf075316e2670d2a442e1e0c4e5b5 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 08:34:19 GMT content-encoding gzip cf-cache-status MISS x-bubble-perf {"total":18.1,"percents":{"top":{"bubble_cpu":48.4,"block":46.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":45.9,"appserver_cache_misses_time":0,"redis":77.2,"fiber_queue":4.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":11,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":15,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1312895,"derived_build_time_spent":0}} age 196 x-powered-by Express x-cache Hit from cloudfront x-bubble-capacity-used 0.02 unit-seconds used content-length 15020 timing-allow-origin * access-control-allow-origin * server cloudflare etag cc8912c6fd8944d8c57ee29c1c3750842477752b17993aeea6c385a951c62095 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css via 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-amz-cf-pop FRA60-P2 accept-ranges bytes cf-ray 726f3d85197dbbfd-FRA x-amz-cf-id inaflxKoLTyLXue1lG9Zt-iyvBgnyAKIbnpsIUh6jN7ETpVHd2YWPg== x-bubble-capacity-limit 0 ms slower
GET H2	200	run.js Show response dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/	2 MB 605 KB	95ms 28ms	Script application/javascript	2600:9000:2250:5e00:b:9da4:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5e00:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Express Resource Hash 09c1674dcda9288f688c9197f8ce74d0cb123d00d012ddf65d0f023e9eade1fd Request headers Referer https://app.jobprotocol.xyz/ Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 22:26:54 GMT content-encoding gzip cf-cache-status MISS x-bubble-perf {"total":6.2,"percents":{"top":{"bubble_cpu":50.7,"block":16.2,"capacity_rl":0,"other_pause":0,"pre_fiber":7.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":5,"fiber_queue":2.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":1,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":474835,"derived_build_time_spent":0}} age 36641 x-powered-by Express x-cache Hit from cloudfront x-bubble-capacity-used 0.007 unit-seconds used content-length 617331 timing-allow-origin * access-control-allow-origin * server cloudflare etag 3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-amz-cf-pop FRA60-P2 accept-ranges bytes cf-ray 726bc3bc0c1abb9d-FRA x-amz-cf-id UiU6gWfncArwEchQ-j7FSBNECiSC6zFW52kE5V3_-hDo0D0YCeH1wQ== x-bubble-capacity-limit 0 ms slower
GET H2	200	static.js Show response dhtiece9044ep.cloudfront.net/package/static_js/ce50be74357e1c8c23bc7b0a222ebfa6c6b334045e4759c66f32952de206aa21/jobprotocol/live/confirm_referral/xnull/xfalse/xfalse/xfalse/	665 KB 147 KB	185ms 118ms	Script application/javascript	2600:9000:2250:5e00:b:9da4:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dhtiece9044ep.cloudfront.net/package/static_js/ce50be74357e1c8c23bc7b0a222ebfa6c6b334045e4759c66f32952de206aa21/jobprotocol/live/confirm_referral/xnull/xfalse/xfalse/xfalse/static.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5e00:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Express Resource Hash 4404b271cc573d6ff28829a9999026934f0a335877933db6e852f9d55b1f6a05 Request headers Referer https://app.jobprotocol.xyz/ Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 08:34:19 GMT content-encoding gzip cf-cache-status MISS x-bubble-perf {"total":54.7,"percents":{"top":{"bubble_cpu":41.6,"block":58,"capacity_rl":0,"other_pause":0,"pre_fiber":0.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":19.7,"appserver_cache_misses_time":0,"redis":59.9,"fiber_queue":5.6,"capacity_wait":1.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":13,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":39,"fiber_queue":36,"blocks":35},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":3417031,"derived_build_time_spent":0}} age 196 x-powered-by Express x-cache Hit from cloudfront x-bubble-capacity-used 0.053 unit-seconds used content-length 149457 timing-allow-origin * access-control-allow-origin * server cloudflare etag ce50be74357e1c8c23bc7b0a222ebfa6c6b334045e4759c66f32952de206aa21 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-amz-cf-pop FRA60-P2 accept-ranges bytes cf-ray 726f3d84d99f9bc2-FRA x-amz-cf-id fZEjLDDo4PE3H6p8RaOY85CBXeXgOaSa-5DVWtAbJ6aJUs0kZ6WeTQ== x-bubble-capacity-limit 0 ms slower
GET H2	200	dynamic.js Show response dhtiece9044ep.cloudfront.net/package/dynamic_js/d73e8cbd21b09d4dda03bc6543ca98fc3dc33175ef243371ebd757d80e9bc705/jobprotocol/live/confirm_referral/xnull/xfalse/xfalse/en_us/xfalse/xfalse/	148 KB 25 KB	428ms 361ms	Script application/javascript	2600:9000:2250:5e00:b:9da4:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dhtiece9044ep.cloudfront.net/package/dynamic_js/d73e8cbd21b09d4dda03bc6543ca98fc3dc33175ef243371ebd757d80e9bc705/jobprotocol/live/confirm_referral/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5e00:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Express Resource Hash ed022781c71d6d8580d320cf0c9257582e7a99d7f748808c2c68f65412c4c7eb Request headers Referer https://app.jobprotocol.xyz/ Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 08:37:35 GMT content-encoding gzip cf-cache-status MISS x-bubble-perf {"total":118.4,"percents":{"top":{"bubble_cpu":12.3,"block":87.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":4.9,"appserver_cache_misses_time":0,"redis":13.2,"fiber_queue":1.2,"capacity_wait":2.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":16,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2181221,"derived_build_time_spent":0}} x-amz-cf-pop FRA60-P2 x-powered-by Express x-cache Miss from cloudfront x-bubble-capacity-used 0.034 unit-seconds used content-length 23922 timing-allow-origin * access-control-allow-origin * server cloudflare etag d73e8cbd21b09d4dda03bc6543ca98fc3dc33175ef243371ebd757d80e9bc705 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront) cache-control public, max-age=31536000 accept-ranges bytes cf-ray 726f425179c96945-FRA x-amz-cf-id HvQozkzt9Xek5-h6qtx8zF307zjuDdTBtrCHE7QU8qCZ2cL4g-pgfQ== x-bubble-capacity-limit 0 ms slower
GET H2	200	clipboard.min.js Show response dd7tel2830j4w.cloudfront.net/f1618227041113x740068462949819800/	10 KB 11 KB	89ms 22ms	Script text/javascript	2600:9000:223c:2600:11:b70:f800:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dd7tel2830j4w.cloudfront.net/f1618227041113x740068462949819800/clipboard.min.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:2600:11:b70:f800:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 04:06:11 GMT via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) age 16351 x-amz-meta-app-version live x-cache Hit from cloudfront content-length 10662 x-amz-meta-appname meta last-modified Mon, 12 Apr 2021 11:30:42 GMT server AmazonS3 etag "3f3688138a1b9fc4ef669ce9056b6674" x-amz-version-id FtdIjRneKqegeOl8FxopA45YbrIlmvEe cache-control public,max-age=86400 x-amz-cf-pop FRA56-P2 accept-ranges bytes content-type text/javascript x-amz-cf-id XIV5Zvf4HtM4qlb8NXrxyZtflXzqWFqb9QJBb2Id1FuXpxDzh89d6g==
GET H2	200	jquery.toast.min.css d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/	4 KB 5 KB	89ms 23ms	Stylesheet text/css	2600:9000:223d:cc00:1f:fceb:ff00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/jquery.toast.min.css Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:cc00:1f:fceb:ff00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5a896b35367d958d102f97f4fd08b5cb0dd11a70cb8a0d8754b624aec866ed8d Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id null via 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront) etag "be8a6c1b1899c2ce48fdfb2d46784d30" last-modified Thu, 27 May 2021 13:04:35 GMT server AmazonS3 age 9427 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/css date Thu, 07 Jul 2022 06:01:35 GMT x-amz-cf-pop FRA56-P3 accept-ranges bytes content-length 4508 x-amz-cf-id Bd5ojjQ6lQm_XfoOpb52Xf7ELQt-lbTk50_zlTIYJsmNZ1ZE1wN87g==
GET H2	200	jquery-xss.toast.min.js Show response d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/	24 KB 25 KB	93ms 27ms	Script application/javascript	2600:9000:223d:cc00:1f:fceb:ff00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/jquery-xss.toast.min.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:cc00:1f:fceb:ff00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f605bf0857e1a6b753a24f1a564aaf13568512749e6027484c802d5d6c895d60 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id null via 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront) etag "71f7c158e5fec1b3277f18ecab3d26c8" last-modified Thu, 27 May 2021 13:04:34 GMT server AmazonS3 age 26895 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript date Thu, 07 Jul 2022 01:09:21 GMT x-amz-cf-pop FRA56-P3 accept-ranges bytes content-length 24946 x-amz-cf-id sMq1jfDzkOITnNAFfR6JuTydx__enUhtUvL000eiEqFdl42-frNlGQ==
GET H2	200	magic.js Show response cdn.jsdelivr.net/npm/magic-sdk/dist/	77 KB 26 KB	81ms 34ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/magic-sdk/dist/magic.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdd3572778873799fd1a66997667844255a3ce009ff7dc91cbadcdb02f8c0aea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 08:37:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3052 x-jsd-version 8.1.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19153-FRA, cache-cdg20727-CDG timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"1339b-hXJ8Aom62ihjv78m3GlrWzVUCxc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s36osENXaLbOxXW%2Bcu2G9MYHL5n1AsGtaGUS91keQghYr1gagDn%2BsOCt2O2BqTUecg4b9lcStqmIs%2FA2vx5U2BVDCjEY8jxd7WVOtC5%2B0SJOo%2Fd00SEmKBQcuD6BQ4SFpFrtsMtwKaHDEj6Bd0U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 726f4251490e99b0-CDG
GET H2	200	ethers-5.2.umd.min.js Show response cdn.ethers.io/lib/	716 KB 198 KB	86ms 25ms	Script application/javascript	18.66.139.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.ethers.io/lib/ethers-5.2.umd.min.js Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-82.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id 3StspTE73ijjMFvXMjx4rHtfrweE9frC content-encoding gzip last-modified Thu, 20 May 2021 21:33:05 GMT server AmazonS3 age 27436 etag W/"50ed955cf32ac8e4e1daa0fac8fcde98" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront) date Thu, 07 Jul 2022 01:01:34 GMT x-amz-cf-pop FRA60-P4 x-amz-cf-id PYe8QjSUX7to-CGeiQvAwUAzz8D8jRyeDlp1t30GBpLbPjSmMr47ig==
GET H2	200	css fonts.googleapis.com/	664 B 861 B	87ms 30ms	Stylesheet text/css	2a00:1450:400e:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato%7CLato:regular Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse/early.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 07 Jul 2022 08:37:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 07 Jul 2022 08:37:35 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 07 Jul 2022 08:37:35 GMT
GET H/1.1	200 OK	font_regular.css s3.amazonaws.com/appforest_uf/f1641420468960x443596829040061800/	175 B 719 B	475ms 156ms	Stylesheet text/css	52.217.44.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/appforest_uf/f1641420468960x443596829040061800/font_regular.css Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse/early.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.44.174 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 2703dbbe98e1df6586af251bb9de8dea6170341835ab6166b0789e6cf92dc5d1 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-server-side-encryption AES256 x-amz-meta-appname meritverse Last-Modified Wed, 05 Jan 2022 22:07:50 GMT Server AmazonS3 x-amz-request-id KZ5WX5EPBMXZWJQ5 ETag "3f86b3a247df1f2c72e6d5d583b6c377" x-amz-meta-app-version live x-amz-version-id r6ICp9eBfyHSGI_p8a73PZa3TIWP_XRW Cache-Control public,max-age=86400 Date Thu, 07 Jul 2022 08:37:36 GMT Accept-Ranges bytes Content-Type text/css Content-Length 175 x-amz-id-2 1LBCNn2Gzqyx2b055GliTScRB8djR+byUYt8Xd48lHG62KdsJsp9Bzch0PaKXAgxK799Udj7uOU=
GET H/1.1	200 OK	data Show response app.jobprotocol.xyz/api/1.1/init/	673 B 2 KB	241ms 240ms	XHR text/plain	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/api/1.1/init/data?location=https%3A%2F%2Fapp.jobprotocol.xyz%2F%2Fconfirm_referral%2F1657181086352x910308471740039200 Requested by Host: app.jobprotocol.xyz URL: https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b26d70a43a7564a245e3d47a7567b52e5e40b101d3806495daf175f73f5640e0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 07 Jul 2022 08:37:35 GMT CF-Cache-Status DYNAMIC x-bubble-perf {"total":21.4,"percents":{"top":{"bubble_cpu":47.9,"block":48.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":18.6,"pp_wait_userdb":0,"http_request":0,"serverjson":18.9,"appserver_cache_misses_time":0,"redis":22.6,"fiber_queue":4.3,"capacity_wait":0.9}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":15,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7541957,"derived_build_time_spent":0}} Server cloudflare x-powered-by Express Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.116 unit-seconds used CF-RAY 726f4251ab7e99ce-CDG x-bubble-capacity-limit 0 ms slower
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	83ms 24ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 17:07:14 GMT x-content-type-options nosniff age 142221 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 05 Jul 2023 17:07:14 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/pi4XAoz5H0XFMTwqRfdRttDcR5mgvvDO/	347 KB 54 KB	116ms 29ms	Script text/javascript	18.66.115.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/pi4XAoz5H0XFMTwqRfdRttDcR5mgvvDO/analytics.min.js Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/dynamic_js/d73e8cbd21b09d4dda03bc6543ca98fc3dc33175ef243371ebd757d80e9bc705/jobprotocol/live/confirm_referral/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.115.169 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-115-169.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 58cdd32afe519baf3cfa1e0ea6aab8475accb2be9397fbd388be958b5595feda Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id sAsOaqc_f4PgrwTtbK49fyoYIuLzfmfR content-encoding br etag W/"afe5c5c12d1ee902513c1f6ed002ae45" age 65 x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Mon, 09 May 2022 21:14:23 GMT server AmazonS3 date Thu, 07 Jul 2022 08:36:32 GMT vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront) cache-control public, max-age=120 x-amz-cf-pop FRA56-P5 x-amz-cf-id i1LtXheUhYCB1ZUlkjMO0oQUlxO0R9myQCq0wBJMgjObgx0yuRRgtA==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/gif
POST H/1.1	200 OK	hi Show response app.jobprotocol.xyz/user/	57 B 1 KB	230ms 230ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/user/hi Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b05f42243d7969ae2ec8c2f4a20d21475d23aa5aa28dfb63f0682d882e2717c1 Request headers X-Bubble-Epoch-Name Epoch: Runmode page fully loaded X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183056052x518422508618853200 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-Bubble-Epoch-ID 1657183056013x562674167977994500 Content-Type application/json X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 Accept application/json, text/javascript, */*; q=0.01 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:36 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":17,"percents":{"top":{"bubble_cpu":26.6,"block":70,"capacity_rl":0,"other_pause":0,"pre_fiber":3.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":29.8,"appserver_cache_misses_time":0,"redis":42.6,"fiber_queue":13.1,"capacity_wait":16.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":678173,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.01 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 17 Content-Type application/json cache-control no-cache CF-RAY 726f425468e599ce-CDG x-bubble-capacity-limit 0 ms slower
POST H/1.1	200 OK	m Show response app.jobprotocol.xyz/user/	4 B 1 KB	261ms 221ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/user/m Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183056063x436537308014455000 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:36 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":12.6,"percents":{"top":{"bubble_cpu":23.9,"block":71.5,"capacity_rl":0,"other_pause":0,"pre_fiber":4.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":40.4,"fiber_queue":16.9,"capacity_wait":15.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":451684,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.007 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 12 Content-Type application/json cache-control no-cache CF-RAY 726f4254ba01ee89-CDG x-bubble-capacity-limit 0 ms slower
GET H2	200	js Show response www.googletagmanager.com/gtag/	86 KB 34 KB	95ms 36ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=308324786 Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f5fd078009cd1344df3a57f2a01a4b961288d235b8ed42015dfca0873e93d2bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://app.jobprotocol.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 08:37:36 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34176 x-xss-protection 0 last-modified Thu, 07 Jul 2022 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 07 Jul 2022 08:37:36 GMT
POST H/1.1	200 OK	start Show response app.jobprotocol.xyz/workflow/	453 B 1 KB	894ms 854ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/workflow/start Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d66a90b31749cedbebee7217c3c855efe152068c8dd7d1cbc1490ec8601f6f5f Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183056105x256294584491863360 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:36 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":625.9,"percents":{"top":{"bubble_cpu":6.6,"block":93,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0.6,"pp_wait_userdb":0,"http_request":0,"serverjson":22.6,"appserver_cache_misses_time":0,"redis":81.9,"fiber_queue":11.1,"capacity_wait":0.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":33,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":43,"fiber_queue":40,"blocks":39},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":17169347,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.264 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 626 Content-Type application/json cache-control no-cache CF-RAY 726f4254fe4099fd-CDG x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	AvenirNext-Regular-08%20%284%29.ttf s3.amazonaws.com/appforest_uf/f1641420377509x153733543181704200/	411 KB 412 KB	473ms 153ms	Font font/ttf	52.217.44.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/appforest_uf/f1641420377509x153733543181704200/AvenirNext-Regular-08%20%284%29.ttf Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/appforest_uf/f1641420468960x443596829040061800/font_regular.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.44.174 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c Request headers Referer https://s3.amazonaws.com/appforest_uf/f1641420468960x443596829040061800/font_regular.css Origin https://app.jobprotocol.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 07 Jul 2022 08:37:37 GMT Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-amz-request-id EYP5PR653X58HZJW x-amz-server-side-encryption AES256 x-amz-meta-app-version live Content-Length 421096 x-amz-id-2 ZI4fWG9Fi6i2bl2u0EVZ5FOAoZh8Ct3g3QMU6g049LmGvOKZqRRngT1TCAk8IijwSOylWYl1Y/M= x-amz-meta-appname meritverse Last-Modified Wed, 05 Jan 2022 22:06:19 GMT Server AmazonS3 ETag "4d8fdeb265ff6d34fb3bd8e4292665c0" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET, POST x-amz-version-id 6tLFRWgTVkiRG0gW8weA2nXFjBXTukD3 Access-Control-Allow-Origin * Cache-Control public,max-age=86400 Accept-Ranges bytes Content-Type font/ttf
POST H/1.1	200 OK	apm Show response app.jobprotocol.xyz/user/	4 B 1 KB	253ms 253ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/user/apm Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183057862x587804041168911000 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:38 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":45.7,"percents":{"top":{"bubble_cpu":5.5,"block":70.6,"capacity_rl":0,"other_pause":0,"pre_fiber":23.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":37,"fiber_queue":27.2,"capacity_wait":17.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":374424,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.006 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 46 Content-Type application/json cache-control no-cache CF-RAY 726f425fba9599fd-CDG x-bubble-capacity-limit 0 ms slower
POST H/1.1	200 OK	frg Show response app.jobprotocol.xyz/	4 B 1 KB	274ms 274ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/frg Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183059065x245460650127788740 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:39 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":59.7,"percents":{"top":{"bubble_cpu":5.1,"block":94.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":17.4,"fiber_queue":1.7,"capacity_wait":2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":459483,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.007 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 60 Content-Type application/json cache-control no-cache CF-RAY 726f4267385e99fd-CDG x-bubble-capacity-limit 0 ms slower
POST H/1.1	200 OK	frg Show response app.jobprotocol.xyz/	4 B 1 KB	861ms 861ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.jobprotocol.xyz/frg Requested by Host: dhtiece9044ep.cloudfront.net URL: https://dhtiece9044ep.cloudfront.net/package/run_js/3efde104cc0fc2a44780f9f72b1040f61429d600ab2a7fdb5b760395d92f69a6/xfalse/x15/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1657183059343x963657422978527400 X-Bubble-PL 1657183056053x334 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://app.jobprotocol.xyz//confirm_referral/1657181086352x910308471740039200 cache-control no-cache X-Requested-With XMLHttpRequest Referer https://app.jobprotocol.xyz/ X-Bubble-Breaking-Revision 5 Response headers Date Thu, 07 Jul 2022 08:37:40 GMT Content-Encoding br vary Accept-Encoding CF-Cache-Status DYNAMIC x-bubble-perf {"total":348.4,"percents":{"top":{"bubble_cpu":1.8,"block":97.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.8,"appserver_cache_misses_time":0,"redis":2.6,"fiber_queue":0.6,"capacity_wait":0.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":946516,"derived_build_time_spent":0}} x-bubble-appname jobprotocol x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.015 unit-seconds used Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-bubble-request-took 349 Content-Type application/json cache-control no-cache CF-RAY 726f4268fb5e99fd-CDG x-bubble-capacity-limit 0 ms slower

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name function| setImmediate function| clearImmediate object| safe_require object| Base64 object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| kill_notifier_socket function| restore_notifier_socket object| client_db number| server_time_offset object| element_performance_counts function| ElementInstance_rehydrate object| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb function| authenticate_as object| testing object| document_ready_key function| display_page function| Lib_post_load number| bubble_version object| plugins object| optional_modules object| bubble_run_derived function| gtag object| app object| analytics object| dataLayer object| translation_data object| language_data string| application_language function| Lib function| ClipboardJS function| filterCSS function| filterXSS function| Magic object| _ethers object| ethers function| everything_ready function| wait_for_everything function| show_banner object| gtag_script boolean| segment_analytics_loaded object| google_tag_manager boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app.jobprotocol.xyz/	1970-01-20 04:24:02	Name: jobprotocol_live_u2main Value: 1657183055250x397759708603401900
			.app.jobprotocol.xyz/	1970-01-20 04:24:02	Name: jobprotocol_live_u2main.sig Value: OTEyRmC-Cqx3yfJoNCkBbjJMhvg
			.app.jobprotocol.xyz/	1969-12-31 23:59:59	Name: jobprotocol_u1main Value: 1657183055105x533070778536537600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.jobprotocol.xyz
cdn.ethers.io
cdn.jsdelivr.net
cdn.segment.com
d2tf8y1b8kxrzw.cloudfront.net
dd7tel2830j4w.cloudfront.net
dhtiece9044ep.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
www.googletagmanager.com
104.19.240.93
18.66.115.169
18.66.139.82
2600:9000:223c:2600:11:b70:f800:21
2600:9000:223d:cc00:1f:fceb:ff00:21
2600:9000:2250:5e00:b:9da4:d440:21
2606:4700::6810:5914
2a00:1450:4001:800::2008
2a00:1450:4001:828::2003
2a00:1450:400e:800::200a
52.217.44.174
09c1674dcda9288f688c9197f8ce74d0cb123d00d012ddf65d0f023e9eade1fd
2703dbbe98e1df6586af251bb9de8dea6170341835ab6166b0789e6cf92dc5d1
376f44fb8cce1ac6d21d101a10562d5f558466e1853877595ea0a8f06f248e3a
4404b271cc573d6ff28829a9999026934f0a335877933db6e852f9d55b1f6a05
58cdd32afe519baf3cfa1e0ea6aab8475accb2be9397fbd388be958b5595feda
5a896b35367d958d102f97f4fd08b5cb0dd11a70cb8a0d8754b624aec866ed8d
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
78bafe6f987f7ec5d75a15675f925a66901cf075316e2670d2a442e1e0c4e5b5
8925f1e8a34a8944098b7073f62d681d67ee3d3619a04dba9032b2618d6d0f00
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
b05f42243d7969ae2ec8c2f4a20d21475d23aa5aa28dfb63f0682d882e2717c1
b26d70a43a7564a245e3d47a7567b52e5e40b101d3806495daf175f73f5640e0
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
d66a90b31749cedbebee7217c3c855efe152068c8dd7d1cbc1490ec8601f6f5f
ed022781c71d6d8580d320cf0c9257582e7a99d7f748808c2c68f65412c4c7eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5fd078009cd1344df3a57f2a01a4b961288d235b8ed42015dfca0873e93d2bf
f605bf0857e1a6b753a24f1a564aaf13568512749e6027484c802d5d6c895d60
fdd3572778873799fd1a66997667844255a3ce009ff7dc91cbadcdb02f8c0aea