scammedbyjosephsehr.com Open in urlscan Pro
208.94.117.203  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response scammedbyjosephsehr.com/	20 KB 6 KB	671ms 251ms	Document text/html	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash d3b43aa0aaa68e0f33edc655515df76cca2492e04477f86052f800e1ae30ef7c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 5603 content-type text/html; charset=UTF-8 date Sat, 20 Jul 2024 07:46:31 GMT etag "4f12-61d9bc56e84b6" last-modified Fri, 19 Jul 2024 15:58:49 GMT server Apache vary Accept-Encoding via e7s
GET H2	200	css2 fonts.googleapis.com/	10 KB 1 KB	115ms 15ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,300;0,400;1,300;1,400&family=Fraunces:ital,wght@0,300;0,400;1,300;1,400 Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bdce53ed6a4e4fe6edacb8103f1f9f95c7d3493c44c5300ae7bc8236cfdd3e81 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 20 Jul 2024 07:46:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 20 Jul 2024 07:46:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 20 Jul 2024 07:46:31 GMT
GET H2	200	main.css scammedbyjosephsehr.com/assets/	33 KB 6 KB	294ms 271ms	Stylesheet text/css	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://scammedbyjosephsehr.com/assets/main.css Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 4a8cbb452f81d7fff9038167ce689a949ec0c5086e92d03bcbf0144ffc246d09 Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:31 GMT content-encoding gzip via e7s last-modified Fri, 19 Jul 2024 15:58:56 GMT server Apache etag "84d5-61d9bc5d1553e" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6280
GET H2	200	js Show response www.googletagmanager.com/gtag/	226 KB 82 KB	215ms 28ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-973858286 Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d920add4620c35653ba7fded20baa0607c6a64ca22797f9d53f6564d5d185f72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83341 x-xss-protection 0 last-modified Sat, 20 Jul 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 20 Jul 2024 07:46:32 GMT
GET H2	200	image01.jpg scammedbyjosephsehr.com/assets/images/	28 KB 29 KB	298ms 275ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/image01.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 282f2a498697e304aebe1ce7f1c6bf1c2d1c088c9e6aa7347090f7dc383109b4 Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:31 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:55 GMT server Apache etag "71be-61d9bc5c704a7" content-type image/jpeg accept-ranges bytes content-length 29118
GET H2	200	407337de.jpg scammedbyjosephsehr.com/assets/images/gallery01/	60 KB 60 KB	199ms 177ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/407337de.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 4728c15442ceef990c8aa7ff9f885e0079a9a1740762ac105e5f7219beb2711e Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:31 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:54 GMT server Apache etag "efb4-61d9bc5b7a334" content-type image/jpeg accept-ranges bytes content-length 61364
GET H2	200	6c51f5ba.jpg scammedbyjosephsehr.com/assets/images/gallery01/	22 KB 22 KB	159ms 154ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/6c51f5ba.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash dc8687d39d8723e7b633f08c0b291e6ed43866795c958af6116f404c260fda66 Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:51 GMT server Apache etag "5712-61d9bc5833583" content-type image/jpeg accept-ranges bytes content-length 22290
GET H2	200	dabd7f07.jpg scammedbyjosephsehr.com/assets/images/gallery01/	63 KB 64 KB	161ms 156ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/dabd7f07.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash a042696ddd6cd9ee26756b81864a6b9288ecbf14650f9efa9c62c3f69fb5b00e Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:52 GMT server Apache etag "fdbe-61d9bc5972ad1" content-type image/jpeg accept-ranges bytes content-length 64958
GET H2	200	84a2daf7.jpg scammedbyjosephsehr.com/assets/images/gallery01/	94 KB 94 KB	160ms 155ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/84a2daf7.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 723b1747c24f64e32648f52a6e4f831f7c2a5488faba6fb0dcb3c40a609a4d6f Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:53 GMT server Apache etag "1783a-61d9bc5a53485" content-type image/jpeg accept-ranges bytes content-length 96314
GET H2	200	e4f09a86.jpg scammedbyjosephsehr.com/assets/images/gallery01/	24 KB 24 KB	160ms 156ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/e4f09a86.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 78847b95a9598fd045271ce51b96b7ec67c29c6bd73398cb471e2949c4df10da Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:51 GMT server Apache etag "6077-61d9bc587c95f" content-type image/jpeg accept-ranges bytes content-length 24695
GET H2	200	e774e26e.jpg scammedbyjosephsehr.com/assets/images/gallery01/	86 KB 86 KB	161ms 157ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/e774e26e.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 86ac30689574ca396e55904fe4406b17d1f60d977201e3e2cad871ceebeab70c Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:54 GMT server Apache etag "15652-61d9bc5b30f58" content-type image/jpeg accept-ranges bytes content-length 87634
GET H2	200	d4660ca6.jpg scammedbyjosephsehr.com/assets/images/gallery01/	68 KB 68 KB	160ms 156ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/gallery01/d4660ca6.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 0506216be57aacbe1c58695417d9e77c31c6281af22928cb73a5c7692a75ef4c Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:53 GMT server Apache etag "11015-61d9bc5a071c9" content-type image/jpeg accept-ranges bytes content-length 69653
GET H2	200	image02.jpg scammedbyjosephsehr.com/assets/images/	31 KB 31 KB	160ms 157ms	Image image/jpeg	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://scammedbyjosephsehr.com/assets/images/image02.jpg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash fa236d8911d240e98f88c9c47a48ffd007a2d22415a3f2ec93104a69f5f51aae Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT via e7s last-modified Fri, 19 Jul 2024 15:58:55 GMT server Apache etag "7cd8-61d9bc5cb9883" content-type image/jpeg accept-ranges bytes content-length 31960
GET H2	200	main.js Show response scammedbyjosephsehr.com/assets/	67 KB 13 KB	160ms 155ms	Script text/javascript	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://scammedbyjosephsehr.com/assets/main.js Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash f9c570e7af9c8b7b94cbdba7c253cedd4e30e39e19084b9f6145b684431cdbac Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT content-encoding gzip via e7s last-modified Fri, 19 Jul 2024 15:58:56 GMT server Apache etag "10b1b-61d9bc5d60859" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 13247
GET H2	200	icons.svg scammedbyjosephsehr.com/assets/	1 MB 404 KB	159ms 156ms	Other image/svg+xml	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://scammedbyjosephsehr.com/assets/icons.svg Requested by Host: scammedbyjosephsehr.com URL: https://scammedbyjosephsehr.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 88d9424797a5d9bcf88275da5cc69f2e225557f91b4945cffd1097af53f2948c Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:32 GMT content-encoding gzip via e7s last-modified Fri, 19 Jul 2024 15:58:57 GMT server Apache etag "13fa22-61d9bc5e3e32d" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes
GET DATA	200 OK	truncated /	357 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bac1af44439212a3e0a97645f7e1e7ba09afc7290f710aa864a562e2401e18e2 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	200	6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2 fonts.gstatic.com/s/fraunces/v31/	36 KB 36 KB	262ms 19ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/fraunces/v31/6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,300;0,400;1,300;1,400&family=Fraunces:ital,wght@0,300;0,400;1,300;1,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1634772533aeeff86fa05d470c8bb700d62ad510826eb42e05d67303927045b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://scammedbyjosephsehr.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 14:44:53 GMT x-content-type-options nosniff age 320499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36584 x-xss-protection 0 last-modified Tue, 02 May 2023 16:15:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 14:44:53 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	254ms 11ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,300;0,400;1,300;1,400&family=Fraunces:ital,wght@0,300;0,400;1,300;1,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://scammedbyjosephsehr.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:37:43 GMT x-content-type-options nosniff age 338929 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 09:37:43 GMT
GET H2	404	favicon.ico scammedbyjosephsehr.com/	1 KB 664 B	98ms 97ms	Other text/html	208.94.117.203 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://scammedbyjosephsehr.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.203 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-203.sites.nearlyfreespeech.net Software Apache / Resource Hash 7105aae175066e456c45a59478bd5d4e08dc9bccd1ddbd52e9d72c1432ada4ec Request headers Referer https://scammedbyjosephsehr.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 07:46:34 GMT content-encoding gzip via e7s server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 accept-ranges bytes content-length 609

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| _scrollToTop object| $modalCaption object| google_tag_manager object| google_tag_data

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.scammedbyjosephsehr.com/	1970-01-21 00:20:37	Name: _gcl_au Value: 1.1.1887612943.1721461592

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scammedbyjosephsehr.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
scammedbyjosephsehr.com
www.googletagmanager.com
208.94.117.203
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
0506216be57aacbe1c58695417d9e77c31c6281af22928cb73a5c7692a75ef4c
282f2a498697e304aebe1ce7f1c6bf1c2d1c088c9e6aa7347090f7dc383109b4
4728c15442ceef990c8aa7ff9f885e0079a9a1740762ac105e5f7219beb2711e
4a8cbb452f81d7fff9038167ce689a949ec0c5086e92d03bcbf0144ffc246d09
7105aae175066e456c45a59478bd5d4e08dc9bccd1ddbd52e9d72c1432ada4ec
723b1747c24f64e32648f52a6e4f831f7c2a5488faba6fb0dcb3c40a609a4d6f
78847b95a9598fd045271ce51b96b7ec67c29c6bd73398cb471e2949c4df10da
86ac30689574ca396e55904fe4406b17d1f60d977201e3e2cad871ceebeab70c
88d9424797a5d9bcf88275da5cc69f2e225557f91b4945cffd1097af53f2948c
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a042696ddd6cd9ee26756b81864a6b9288ecbf14650f9efa9c62c3f69fb5b00e
bac1af44439212a3e0a97645f7e1e7ba09afc7290f710aa864a562e2401e18e2
bdce53ed6a4e4fe6edacb8103f1f9f95c7d3493c44c5300ae7bc8236cfdd3e81
d1634772533aeeff86fa05d470c8bb700d62ad510826eb42e05d67303927045b
d3b43aa0aaa68e0f33edc655515df76cca2492e04477f86052f800e1ae30ef7c
d920add4620c35653ba7fded20baa0607c6a64ca22797f9d53f6564d5d185f72
dc8687d39d8723e7b633f08c0b291e6ed43866795c958af6116f404c260fda66
f9c570e7af9c8b7b94cbdba7c253cedd4e30e39e19084b9f6145b684431cdbac
fa236d8911d240e98f88c9c47a48ffd007a2d22415a3f2ec93104a69f5f51aae