esf.mystaffsavvy.com Open in urlscan Pro
185.166.130.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://esf.mystaffsavvy.com/shifts/available
Submission: On May 22 via manual (May 22nd 2023, 6:44:09 pm UTC) from IN — Scanned from GB

Summary HTTP 36 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 36 HTTP transactions. The main IP is 185.166.130.131, located in United Kingdom and belongs to UKFAST, GB. The main domain is esf.mystaffsavvy.com.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.

This is the only time esf.mystaffsavvy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	185.166.130.131 185.166.130.131	61323 (UKFAST) (UKFAST)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
36	3

33 185.166.130.131 (United Kingdom)

ASN61323 (UKFAST, GB)
PTR: 185.166.130.131.srvlist.ukfast.net

esf.mystaffsavvy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mystaffsavvy.com esf.mystaffsavvy.com	2 MB
3	gstatic.com www.gstatic.com	37 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	232 B
36	3

	Domain	Requested by
33	esf.mystaffsavvy.com	esf.mystaffsavvy.com
3	www.gstatic.com	esf.mystaffsavvy.com
1	www.google.com	1 redirects
36	3

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
www.mozilla.org
www.google.com
staffsavvy.com

Subject Issuer	Validity	Valid
esf.mystaffsavvy.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://esf.mystaffsavvy.com/shifts/available
Frame ID: EFB0D77BC43833AE09273130C335014A
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edinburgh Street Food powered by StaffSavvy

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1954 kB
Transfer

1991 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-us/windows/microsoft-edge
Title: Upgrade to Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: FireFox

Search URL Search Domain Scan URL

URL: http://www.google.com/chrome/
Title: Chrome

Search URL Search Domain Scan URL

URL: https://staffsavvy.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request available Show response
esf.mystaffsavvy.com/shifts/ 10 KB
12 KB 165ms
41ms Document
text/html 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache / PHP/7.4.20

Resource Hash

94aff76ffe1ac73708fa70e9a299050526310e0812f192a0a0798f058dc414dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 May 2023 18:44:03 GMT
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.20
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK foundation.min.css
esf.mystaffsavvy.com/style/base/foundation/css/ 152 KB
154 KB 34ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/foundation/css/foundation.min.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

fc51380c10f826db776db2574c139287f97ee42fee7c4e839fdbc42e8a95905e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:03 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 155673
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:31 GMT
Server: Apache
ETag: "26019-5fa1b4884f0f4"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK crew.css
esf.mystaffsavvy.com/ 27 KB
29 KB 155ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/crew.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

2440de1f758382232497154bd72e0b77885c307d6067e68cc3f53583395170c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 27801
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Tue, 25 Apr 2023 09:07:42 GMT
Server: Apache
ETag: "6c99-5fa2574b40961"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK layout.css
esf.mystaffsavvy.com/style/ 38 KB
39 KB 188ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

95e3711ff79275c8030e7255bff192ba9f8dddd1013a5e4ee3b7376d94367dca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 38739
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 17 May 2023 21:04:45 GMT
Server: Apache
ETag: "9753-5fbea09965812"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK local.css
esf.mystaffsavvy.com/local/ 0
2 KB 220ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/local/local.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 26 Jan 2023 16:02:30 GMT
Server: Apache
ETag: "0-5f32ce044cb52"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK token-input.css
esf.mystaffsavvy.com/scripts/tokeninput/ 4 KB
6 KB 251ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/tokeninput/token-input.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

b795a44fdbe536f4259002e184d0aba921f45b0de3c99c3cd45d604a732509dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 4598
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:13 GMT
Server: Apache
ETag: "11f6-5fa1b477b2654"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK colour.css
esf.mystaffsavvy.com/style/bluetwo/ 37 KB
39 KB 283ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/bluetwo/colour.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

7150dbb9cf13942d584b357c3945332ab3ca4b19c2649a1ff1d244abe9f4e721

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 37987
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:21 GMT
Server: Apache
ETag: "9463-5fa1b47ee4ea5"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK foundation-datepicker.min.css
esf.mystaffsavvy.com/scripts/datepicker/ 3 KB
4 KB 316ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/datepicker/foundation-datepicker.min.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

c8c84bffe3544eeae03b1099370b72a0f5b914352c982964bb0f76737dbeeef7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 2685
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:11 GMT
Server: Apache
ETag: "a7d-5fa1b4757e6ef"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93

GET
H/1.1 200
OK all.css
esf.mystaffsavvy.com/style/base/fontawesome/ 220 KB
222 KB 347ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/fontawesome/all.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

730311fe453cbf37f68fefd56fee3530a4722ed549aa300699979fbeef6b0e0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 225362
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:21 GMT
Server: Apache
ETag: "37052-5fa1b47f2a7ec"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92

GET
H/1.1 200
OK redactor.min.css
esf.mystaffsavvy.com/scripts/redactor/ 42 KB
43 KB 413ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/redactor.min.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

35f0945e8b89a339eaf13026cb1bf44d38e9a4de039c6cad0c3a6fc2dc5c874f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 42658
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:12 GMT
Server: Apache
ETag: "a6a2-5fa1b476d62e8"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91

GET
H/1.1 200
OK jquery.js Show response
esf.mystaffsavvy.com/style/base/foundation/js/vendor/ 87 KB
89 KB 447ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/foundation/js/vendor/jquery.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 89478
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:31 GMT
Server: Apache
ETag: "15d86-5fa1b488fb2d8"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.6.0/ 18 KB
7 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.6.0/firebase-app.js

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239ca489071c66cbd6b4a5a56e5e4e4252eeb27d801249a9f03b03cf885be15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6132
x-xss-protection: 0
last-modified: Thu, 12 Dec 2019 21:42:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 May 2024 10:21:39 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.6.0/ 47 KB
12 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.6.0/firebase-messaging.js

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5324a34dd647d22e9b7db0129d53271d5901d370b5462bff16dd0aaf14bf6a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12497
x-xss-protection: 0
last-modified: Thu, 12 Dec 2019 21:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 16:38:20 GMT

GET
H/1.1 200
OK jscolor.js Show response
esf.mystaffsavvy.com/scripts/jscolor/ 29 KB
31 KB 484ms
32ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/jscolor/jscolor.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

1b09f973faf4576d3f1bb32ab9628493f609e85ee8eb94fee25dc0cd01071aaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 29813
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:12 GMT
Server: Apache
ETag: "7475-5fa1b4767a242"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89

GET
H/1.1 200
OK token-input.js Show response
esf.mystaffsavvy.com/scripts/tokeninput/ 28 KB
30 KB 516ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/tokeninput/token-input.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

29a2a59e3b2cf3a8bed88de085e251c6fef24ea4be0b28317dd1083fdd0e4a7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 28950
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:14 GMT
Server: Apache
ETag: "7116-5fa1b477e377b"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88

GET
H/1.1 200
OK jquery.tinysort.min.js Show response
esf.mystaffsavvy.com/scripts/tinysort/ 3 KB
5 KB 548ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/tinysort/jquery.tinysort.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

f0a0e4253b89d13a4b64796c74b0801d310b761cf0d200188eb06b0f0a3a9202

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 3483
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:13 GMT
Server: Apache
ETag: "d9b-5fa1b477a8dfc"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
18 KB

38ms
36ms

Script
text/javascript

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 22 May 2023 19:06:04 GMT

Redirect headers

date: Mon, 22 May 2023 18:21:05 GMT
x-content-type-options: nosniff
server: sffe
age: 1379
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Mon, 22 May 2023 18:51:05 GMT

GET
H/1.1 200
OK redactor.min.js Show response
esf.mystaffsavvy.com/scripts/redactor/ 258 KB
259 KB 581ms
32ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/redactor.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

7912a94bf75358d6a84708f89485cb58c79ef5fc1ce52d8e4e67b8d47f01b49e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 263876
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:13 GMT
Server: Apache
ETag: "406c4-5fa1b47719907"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86

GET
H/1.1 200
OK imagemanager.min.js Show response
esf.mystaffsavvy.com/scripts/redactor/_plugins/imagemanager/ 1 KB
3 KB 619ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/_plugins/imagemanager/imagemanager.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

3fb004efbc2979cc844f9b1ba8eea698d4cc2b66db5dda17825afde76f6738dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 1040
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:18 GMT
Server: Apache
ETag: "410-5fa1b47c60633"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85

GET
H/1.1 200
OK alignment.min.js Show response
esf.mystaffsavvy.com/scripts/redactor/_plugins/alignment/ 996 B
3 KB 651ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/_plugins/alignment/alignment.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

2a465f2088bcb5cb745e9f34dce15dd4a297f553454294efcf3435e31637ee02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 996
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:16 GMT
Server: Apache
ETag: "3e4-5fa1b47a93b24"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84

GET
H/1.1 200
OK table.min.js Show response
esf.mystaffsavvy.com/scripts/redactor/_plugins/table/ 6 KB
8 KB 683ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/_plugins/table/table.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

ed200dc7aebdca002acc6aac3d4d9c52ebd5ac56cd173d25035286edefc05440

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 6570
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:19 GMT
Server: Apache
ETag: "19aa-5fa1b47d1124f"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83

GET
H/1.1 200
OK datamerge.js Show response
esf.mystaffsavvy.com/scripts/redactor/_plugins/datamerge/ 6 KB
8 KB 716ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/redactor/_plugins/datamerge/datamerge.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

ac52fbf1765f633dbfc27f0e6256a82e5cc9cddc34c974af23995b38de2b41c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 6311
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:17 GMT
Server: Apache
ETag: "18a7-5fa1b47b25341"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82

GET
H/1.1 200
OK signature_pad.umd.js Show response
esf.mystaffsavvy.com/scripts/signature_pad/ 21 KB
22 KB 748ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/signature_pad/signature_pad.umd.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

1402c851b80cd4854af126b5978c436823a6302772730cf908766ffa5cf2e1b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 21150
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:13 GMT
Server: Apache
ETag: "529e-5fa1b477b60eb"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81

GET
H/1.1 200
OK foundation-datepicker.min.js Show response
esf.mystaffsavvy.com/scripts/datepicker/ 27 KB
28 KB 780ms
31ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/datepicker/foundation-datepicker.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

a77d1942209c6cfb4f7084e37cfadbe511b2f16bf270accc7f41c425232b2005

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 27510
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:11 GMT
Server: Apache
ETag: "6b76-5fa1b4757a487"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80

GET
H/1.1 200
OK jquery.inputmask.min.js Show response
esf.mystaffsavvy.com/scripts/ 193 KB
195 KB 813ms
32ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/jquery.inputmask.min.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

f7b9cc954623a58e62d87826d24a760ae2b5ed51ad9326ee22363a797e69b102

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 197680
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:11 GMT
Server: Apache
ETag: "30430-5fa1b47510d09"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79

GET
H/1.1 200
OK staffsavvy.js Show response
esf.mystaffsavvy.com/scripts/ 22 KB
24 KB 854ms
33ms Script
text/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/scripts/staffsavvy.js?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache / PHP/7.4.20

Resource Hash

00a0daac1ab35bb8dee723c7f775753cc324b7cab4d8acc0e7b077a72274202d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
X-Powered-By: PHP/7.4.20
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:10 GMT
Server: Apache
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=10800
Keep-Alive: timeout=5, max=78
Expires: Mon, 22 May 2023 21:44:04 GMT

GET
H/1.1 200
OK 1-client-logo.png
esf.mystaffsavvy.com/local/ 25 KB
26 KB 32ms
32ms Image
image/png 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esf.mystaffsavvy.com/local/1-client-logo.png

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

be1ab2365dd46bbb44d913d0571ac5402d733d46dc2d5d2b228856e403a6779b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 25154
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 26 Jan 2023 16:02:30 GMT
Server: Apache
ETag: "6242-5f32ce043b9e3"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77

GET
H/1.1 200
OK 1-client-logo-dark.png
esf.mystaffsavvy.com/local/ 25 KB
26 KB 193ms
31ms Image
image/png 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esf.mystaffsavvy.com/local/1-client-logo-dark.png

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

be1ab2365dd46bbb44d913d0571ac5402d733d46dc2d5d2b228856e403a6779b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 25154
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 26 Jan 2023 16:02:30 GMT
Server: Apache
ETag: "6242-5f32ce0438333"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72

GET
H/1.1 200
OK foundation.min.js Show response
esf.mystaffsavvy.com/style/base/foundation/js/vendor/ 505 KB
507 KB 64ms
32ms Script
application/javascript 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/foundation/js/vendor/foundation.min.js

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

e15a31e073c09eaf46c20dd31145300d5b2126bc12c91095629c3d02f4d4003e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 517465
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:32 GMT
Server: Apache
ETag: "7e559-5fa1b4893315f"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK staffsavvy-dark.png
esf.mystaffsavvy.com/images/ 2 KB
4 KB 215ms
31ms Image
image/png 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esf.mystaffsavvy.com/images/staffsavvy-dark.png

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

7a09c41b44742847de9fe535c533610ef220b78fb163350fb3b97047186b1cac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 2262
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:58:45 GMT
Server: Apache
ETag: "8d6-5fa1b45c44755"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK staffsavvy-light.png
esf.mystaffsavvy.com/images/ 2 KB
3 KB 225ms
31ms Image
image/png 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esf.mystaffsavvy.com/images/staffsavvy-light.png

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

9e129dff3e78dad31f45930158bd0f4ef9f2aae8445c3dd8cbb15019e7c3f531

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 1956
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:58:45 GMT
Server: Apache
ETag: "7a4-5fa1b45c5935c"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71

GET
H/1.1 200
OK print.css
esf.mystaffsavvy.com/style/base/ 0
2 KB 246ms
31ms Stylesheet
text/css 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/print.css?v=b642bf8acc

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/shifts/available

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/shifts/available
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:59:21 GMT
Server: Apache
ETag: "0-5fa1b47eb7bfe"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK login.png
esf.mystaffsavvy.com/images/ 643 B
2 KB 150ms
31ms Image
image/png 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esf.mystaffsavvy.com/images/login.png

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/crew.css?v=b642bf8acc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

b2bfee734b1d0b849db3a3196c28d56e8d73c118feed8defb16c7cd67a8fc383

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://esf.mystaffsavvy.com/crew.css?v=b642bf8acc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Connection: Keep-Alive
Content-Length: 643
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 24 Apr 2023 20:58:40 GMT
Server: Apache
ETag: "283-5fa1b4578a426"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73

GET
H/1.1 200
OK 3A2A0E_2_0.woff2
esf.mystaffsavvy.com/style/base/webfonts/ 31 KB
32 KB 56ms
31ms Font
text/plain 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/webfonts/3A2A0E_2_0.woff2

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

71b013ab75f65110bd324c6deaa8d1314ceec9069721e7a09d3099e86807740b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc
Origin: https://esf.mystaffsavvy.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
Referrer-Policy: same-origin
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Last-Modified: Mon, 24 Apr 2023 20:59:23 GMT
Server: Apache
X-Content-Type-Options: nosniff
ETag: "7b59-5fa1b480783bd"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 31577
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 3A2A0E_1_0.woff2
esf.mystaffsavvy.com/style/base/webfonts/ 29 KB
30 KB 89ms
32ms Font
text/plain 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/webfonts/3A2A0E_1_0.woff2

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

69410b08688518994443f6b2a09c4e4995410a08ad48231d0b6c2cc277f5c420

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc
Origin: https://esf.mystaffsavvy.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
Referrer-Policy: same-origin
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Last-Modified: Mon, 24 Apr 2023 20:59:22 GMT
Server: Apache
X-Content-Type-Options: nosniff
ETag: "727b-5fa1b4802c0ff"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 29307
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 3A2A0E_0_0.woff2
esf.mystaffsavvy.com/style/base/webfonts/ 30 KB
32 KB 121ms
31ms Font
text/plain 185.166.130.131
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://esf.mystaffsavvy.com/style/base/webfonts/3A2A0E_0_0.woff2

Requested by

Host: esf.mystaffsavvy.com
URL: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.166.130.131 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

185.166.130.131.srvlist.ukfast.net

Software

Apache /

Resource Hash

02a1922bab812a1c17d32156a5ff2ac2f996255cada96d9c58ea730bb07b6ff2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://esf.mystaffsavvy.com/style/layout.css?v=b642bf8acc
Origin: https://esf.mystaffsavvy.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 18:44:04 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
Referrer-Policy: same-origin
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.myinterview.com *.vimeo.com *.youtube.com *.youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net *.myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' *.googleapis.com *.myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' *.myinterview.com player.vimeo.com *.youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Last-Modified: Mon, 24 Apr 2023 20:59:22 GMT
Server: Apache
X-Content-Type-Options: nosniff
ETag: "79b2-5fa1b480034a7"
Expect-CT: max-age=86400,report-uri="https://smartblue.uriports.com/reports/report"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 31154
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.esf.mystaffsavvy.com/	1969-12-31 23:59:59	Name: sbsavvy-080a64a08a Value: acb0o8h9ssikqh56jlq80d3alb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .myinterview.com .vimeo.com .youtube.com .youtu.be; frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .googleapis.com hello.myfonts.net embed.myinterview.com fonts.googleapis.com www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; style-src 'self' 'unsafe-inline' hello.myfonts.net .myinterview.com; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; connect-src 'self' .googleapis.com .myinterview.com hello.myfonts.net www.google.com ajax.googleapis.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com; media-src 'self' player.vimeo.com blob:; object-src 'self' ; child-src 'none' ; frame-src 'self' .myinterview.com player.vimeo.com .youtube.com; worker-src 'self' www.gstatic.com ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://smartblue.uriports.com/reports/report; report-to default;
Strict-Transport-Security	max-age=7776000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esf.mystaffsavvy.com
www.google.com
www.gstatic.com
185.166.130.131
2a00:1450:4001:806::2004
2a00:1450:4001:829::2003
00a0daac1ab35bb8dee723c7f775753cc324b7cab4d8acc0e7b077a72274202d
02a1922bab812a1c17d32156a5ff2ac2f996255cada96d9c58ea730bb07b6ff2
1402c851b80cd4854af126b5978c436823a6302772730cf908766ffa5cf2e1b4
1b09f973faf4576d3f1bb32ab9628493f609e85ee8eb94fee25dc0cd01071aaf
239ca489071c66cbd6b4a5a56e5e4e4252eeb27d801249a9f03b03cf885be15c
2440de1f758382232497154bd72e0b77885c307d6067e68cc3f53583395170c2
29a2a59e3b2cf3a8bed88de085e251c6fef24ea4be0b28317dd1083fdd0e4a7b
2a465f2088bcb5cb745e9f34dce15dd4a297f553454294efcf3435e31637ee02
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
35f0945e8b89a339eaf13026cb1bf44d38e9a4de039c6cad0c3a6fc2dc5c874f
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
3fb004efbc2979cc844f9b1ba8eea698d4cc2b66db5dda17825afde76f6738dd
5324a34dd647d22e9b7db0129d53271d5901d370b5462bff16dd0aaf14bf6a4a
69410b08688518994443f6b2a09c4e4995410a08ad48231d0b6c2cc277f5c420
7150dbb9cf13942d584b357c3945332ab3ca4b19c2649a1ff1d244abe9f4e721
71b013ab75f65110bd324c6deaa8d1314ceec9069721e7a09d3099e86807740b
730311fe453cbf37f68fefd56fee3530a4722ed549aa300699979fbeef6b0e0f
7912a94bf75358d6a84708f89485cb58c79ef5fc1ce52d8e4e67b8d47f01b49e
7a09c41b44742847de9fe535c533610ef220b78fb163350fb3b97047186b1cac
94aff76ffe1ac73708fa70e9a299050526310e0812f192a0a0798f058dc414dd
95e3711ff79275c8030e7255bff192ba9f8dddd1013a5e4ee3b7376d94367dca
9e129dff3e78dad31f45930158bd0f4ef9f2aae8445c3dd8cbb15019e7c3f531
a77d1942209c6cfb4f7084e37cfadbe511b2f16bf270accc7f41c425232b2005
ac52fbf1765f633dbfc27f0e6256a82e5cc9cddc34c974af23995b38de2b41c4
b2bfee734b1d0b849db3a3196c28d56e8d73c118feed8defb16c7cd67a8fc383
b795a44fdbe536f4259002e184d0aba921f45b0de3c99c3cd45d604a732509dd
be1ab2365dd46bbb44d913d0571ac5402d733d46dc2d5d2b228856e403a6779b
c8c84bffe3544eeae03b1099370b72a0f5b914352c982964bb0f76737dbeeef7
e15a31e073c09eaf46c20dd31145300d5b2126bc12c91095629c3d02f4d4003e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed200dc7aebdca002acc6aac3d4d9c52ebd5ac56cd173d25035286edefc05440
f0a0e4253b89d13a4b64796c74b0801d310b761cf0d200188eb06b0f0a3a9202
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7b9cc954623a58e62d87826d24a760ae2b5ed51ad9326ee22363a797e69b102
fc51380c10f826db776db2574c139287f97ee42fee7c4e839fdbc42e8a95905e

esf.mystaffsavvy.com Open in urlscan Pro 185.166.130.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1954 kBTransfer

1991 kBSize

1 Cookies

4 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

esf.mystaffsavvy.com Open in urlscan Pro
185.166.130.131 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1954 kB
Transfer

1991 kB
Size

1
Cookies

36 HTTP transactions
1 data transactions