urlscan.io logo urlscan.io
SecurityTrails logo

www.resumehelp.com Open in urlscan Pro
52.228.84.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.resumehelp.com/mobile/resume/finalize/12682306
Effective URL: https://www.resumehelp.com/user/login
Submission Tags: falconsandbox
Submission: On September 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 39 HTTP transactions. The main IP is 52.228.84.35, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.resumehelp.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 5th 2020. Valid for: a year.
This is the only time www.resumehelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    52.228.84.35 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.resumehelp.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdnprod4.resumehelp.com
cdnprod3.resumehelp.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    18.66.110.125 (United States)

ASN16509 (AMAZON-02, US)
cdn.segment.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    54.200.110.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-110-219.us-west-2.compute.amazonaws.com
api.segment.io
1    18.66.97.26 (United States)

ASN16509 (AMAZON-02, US)
cdn.getblueshift.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
seal.digicert.com
2    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api-js.mixpanel.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    52.40.5.227 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-5-227.us-west-2.compute.amazonaws.com
api.getblueshift.com
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
4 cdnprod4.resumehelp.com www.resumehelp.com
cdnprod4.resumehelp.com
4 www.resumehelp.com 2 redirects ajax.googleapis.com
3 cdnprod3.resumehelp.com www.resumehelp.com
2 www.google.de
2 www.google.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 seal.digicert.com www.resumehelp.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com cdnprod3.resumehelp.com
www.googletagmanager.com
2 apis.google.com cdnprod3.resumehelp.com
apis.google.com
1 api.getblueshift.com cdn.getblueshift.com
1 ssl.gstatic.com accounts.google.com
1 api-js.mixpanel.com cdn.mxpnl.com
1 cdn.mxpnl.com cdn.segment.com
1 cdn.getblueshift.com cdn.segment.com
1 api.segment.io cdn.segment.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.segment.com cdnprod3.resumehelp.com
1 ajax.googleapis.com www.resumehelp.com
1 fonts.googleapis.com www.resumehelp.com
39 22

This site contains no links.

Subject Issuer Validity Valid
*.resumehelp.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
sni22f41gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-20 -
2021-11-30		 a year crt.sh
sni22f3dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-20 -
2021-11-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.segment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.getblueshift.com
Amazon		 2020-10-06 -
2021-11-06		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
seal.digicert.com
DigiCert SHA2 Secure Server CA		 2020-03-30 -
2022-06-03		 2 years crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.resumehelp.com/user/login
Frame ID: EC34D7D7BF10D9028018798B8C7C8CEC
Requests: 33 HTTP requests in this frame

Frame: https://www.resumehelp.com/app/Norton
Frame ID: BBD14F07C426E81CD3BA8571F862B5C2
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: AA6B5A72987FB727FBA5467464F5B10B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | ResumeHelp

Page URL History Show full URLs

  1. https://www.resumehelp.com/mobile/resume/finalize/12682306 HTTP 302
    https://www.resumehelp.com/mobile/user/login?ReturnUrl=%2Fmobile%2Fresume%2Ffinalize%2F12682306 HTTP 302
    https://www.resumehelp.com/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

39
Requests

100 %
HTTPS

64 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

500 kB
Transfer

1644 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.resumehelp.com/mobile/resume/finalize/12682306 HTTP 302
    https://www.resumehelp.com/mobile/user/login?ReturnUrl=%2Fmobile%2Fresume%2Ffinalize%2F12682306 HTTP 302
    https://www.resumehelp.com/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.resumehelp.com/user/
Redirect Chain
  • https://www.resumehelp.com/mobile/resume/finalize/12682306
  • https://www.resumehelp.com/mobile/user/login?ReturnUrl=%2Fmobile%2Fresume%2Ffinalize%2F12682306
  • https://www.resumehelp.com/user/login
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.35 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93332e456590ca218420e38ea69309ca0c304112eeb6331486fd9c4bebe0134f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.resumehelp.com
:scheme
https
:path
/user/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uip=%7b%22ip%22%3a%22185.236.201.226%22%2c%22c_c%22%3a%22CH%22%2c%22r_c%22%3a%22ZH%22%2c%22city%22%3a%22Zurich%22%2c%22zip%22%3a%228010%22%2c%22ct_c%22%3a%22EU%22%7d; sgid=fcd6f883-9586-4cac-a056-8c748ed2dc6e; visit_utms=#####; bgid=0e78b101-ae43-4747-9366-a762d9542dee; dvc=d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control
public, no-store, max-age=0
content-length
5603
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Fri, 03 Sep 2021 14:16:37 GMT
last-modified
Fri, 03 Sep 2021 14:16:37 GMT
vary
*,User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; redirectHttpToHttps
date
Fri, 03 Sep 2021 14:16:37 GMT

Redirect headers

cache-control
public, no-store, max-age=0
content-length
154
content-type
text/html; charset=utf-8
expires
Fri, 03 Sep 2021 14:16:37 GMT
last-modified
Fri, 03 Sep 2021 14:16:37 GMT
location
https://www.resumehelp.com/user/login
vary
*,User-Agent
set-cookie
dvc=d; path=/; secure; HttpOnly; SameSite=Lax
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; redirectHttpToHttps
date
Fri, 03 Sep 2021 14:16:37 GMT
css
fonts.googleapis.com/ 		14 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6542a230e1b1f3d11cec9d86e1cf73bfe25694b7e498117ef185ba90ec587a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 14:16:38 GMT
server
ESF
date
Fri, 03 Sep 2021 14:16:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Sep 2021 14:16:38 GMT
base.min.css
cdnprod4.resumehelp.com/distcss/ 		167 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnprod4.resumehelp.com/distcss/base.min.css?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6D) /
Resource Hash
db01f54fa444a00c049538a3f68650826b76a9789fe03f999a37b6333cd23d3b

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
5OyWAl91WVCIw9/MwSDHEA==
age
191209
x-cache
HIT
content-length
26371
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:20 GMT
server
ECAcc (frc/8F6D)
etag
0x8D96C6E86457A3E
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
96fcef38-901e-0021-6511-9f5bc9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
main.min.css
cdnprod4.resumehelp.com/distcss/ 		201 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnprod4.resumehelp.com/distcss/main.min.css?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCB) /
Resource Hash
a39ea618f3c16c11d9300c1d714a4255a3a64d520eb5d2241c43f0b73cab76f6

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
EqkHgmNaG6gakkm/znMnlA==
age
190867
x-cache
HIT
content-length
29381
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:21 GMT
server
ECAcc (frc/8FCB)
etag
0x8D96C6E86D354B0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
dcaf8741-501e-0073-5911-9f2721000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
rh-logo.svg
cdnprod4.resumehelp.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnprod4.resumehelp.com/img/rh-logo.svg?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F06) /
Resource Hash
b80bb1b8cd4953db897490cc555ffbcc5c76a29c667489f07005ac299be4ed55

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
kRfE4SPc6TvTptZgQr19kw==
age
191203
x-cache
HIT
content-length
910
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:10 GMT
server
ECAcc (frc/8F06)
etag
0x8D96C6E802E2863
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
91f06f31-f01e-0027-6011-9f6876000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30211
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 17:32:20 GMT
app.min.js
cdnprod3.resumehelp.com/distjs/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnprod3.resumehelp.com/distjs/app.min.js?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9B) /
Resource Hash
0cd6bd563433e022232c012b8de600a68054fe3bc3ab49c1b166d8b3ac6dfdf7

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
dHibGvnm9dyB/b63CdNbgw==
age
191203
x-cache
HIT
content-length
5147
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:06 GMT
server
ECAcc (frc/8E9B)
etag
0x8D96C6E7DD4D862
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
24f4d573-f01e-006a-3511-9fa79a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
signin.min.js
cdnprod3.resumehelp.com/distjs/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnprod3.resumehelp.com/distjs/user/signin.min.js?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA9) /
Resource Hash
01d212818025437d7bcdb3d352db256fe4a5975c700334999f918982b0ca3fc4

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
mTBt3bclpHJOg33puLTQ0g==
age
187534
x-cache
HIT
content-length
1449
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:07 GMT
server
ECAcc (frc/8FA9)
etag
0x8D96C6E7ECA12A2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3e153bb3-d01e-006d-6819-9fcbf9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
validation.min.js
cdnprod3.resumehelp.com/distjs/common/ 		2 KB
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnprod3.resumehelp.com/distjs/common/validation.min.js?v=1670
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E93) /
Resource Hash
7153d867eadf9cbca2f924ca63ad10d195ae75f97faaf04e613a8d8a27909c8e

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
content-md5
rYmPS/cXCipGkEIy8aJ/Gg==
age
190061
x-cache
HIT
content-length
682
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:06 GMT
server
ECAcc (frc/8E93)
etag
0x8D96C6E7E0C9429
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cdf35b79-501e-005c-1c13-9f2aea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
expires
Wed, 15 Sep 2021 14:16:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.resumehelp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 16:33:03 GMT
x-content-type-options
nosniff
age
510215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 16:33:03 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.resumehelp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 11:01:27 GMT
x-content-type-options
nosniff
age
11711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 11:01:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.resumehelp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:37:31 GMT
x-content-type-options
nosniff
age
257947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:37:31 GMT
fa-regular-400.woff2
cdnprod4.resumehelp.com/fonts/webfonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnprod4.resumehelp.com/fonts/webfonts/fa-regular-400.woff2
Requested by
Host: cdnprod4.resumehelp.com
URL: https://cdnprod4.resumehelp.com/distcss/base.min.css?v=1670
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1E) /
Resource Hash
96d353680a4b4c7879028bc5cebabce51d46f61bcceaf68d98f7f32efeb0b5a3

Request headers

Origin
https://www.resumehelp.com
Referer
https://cdnprod4.resumehelp.com/distcss/base.min.css?v=1670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Sep 2021 14:16:38 GMT
content-md5
Y1XrLuwubbWGe3nu2xd6Iw==
age
191198
x-cache
HIT
content-length
5680
x-ms-lease-status
unlocked
last-modified
Tue, 31 Aug 2021 11:00:06 GMT
server
ECAcc (frc/8F1E)
etag
0x8D96C6E7DBE17FD
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
cb77e721-401e-006f-1b11-9f7541000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1036800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 15 Sep 2021 14:16:38 GMT
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: cdnprod3.resumehelp.com
URL: https://cdnprod3.resumehelp.com/distjs/app.min.js?v=1670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccf992272ca07210a1730647f576070cb2f84d25fb83cda6841fc8149a9c75c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GF280cbRqLCE9JSN2o5CWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"328ceb56a412d80ce2a0e35ff577142d"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-GF280cbRqLCE9JSN2o5CWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 03 Sep 2021 14:16:38 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/hBgFpsIDwQZCp2RvTBs9pBA4lAgCf7d5/ 		366 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/hBgFpsIDwQZCp2RvTBs9pBA4lAgCf7d5/analytics.min.js
Requested by
Host: cdnprod3.resumehelp.com
URL: https://cdnprod3.resumehelp.com/distjs/app.min.js?v=1670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13ad1adc4e756066815b3bf985128ad1739479df079b582eff0ccf54adae6bea

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
obfvJb8TSaCIKYiIuUsvT3huglwkiGmM
content-encoding
br
etag
W/"9b0c4fb7a40ee02e714e903f2c7e4206"
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 30 Aug 2021 21:47:06 GMT
server
AmazonS3
date
Fri, 03 Sep 2021 14:16:38 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
Btwx9wdFj0e4U3J55aWzuQkbcnxeU-x6y-oNhzQQr_BEgDw-GXLzHg==
gtm.js
www.googletagmanager.com/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KDF4Z7
Requested by
Host: cdnprod3.resumehelp.com
URL: https://cdnprod3.resumehelp.com/distjs/app.min.js?v=1670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42af7ef226144f1c69950329bb0083da469c183ab47e94e8acc613d486458013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43475
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Sep 2021 14:16:38 GMT
Norton
www.resumehelp.com/app/ Frame BBD1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.resumehelp.com/app/Norton
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.35 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
093e15e3e105a4f8bcec11723f92e1a5dc1d420d67e0c68da85e61ada4e0ee26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.resumehelp.com
:scheme
https
:path
/app/Norton
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.resumehelp.com/user/login
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uip=%7b%22ip%22%3a%22185.236.201.226%22%2c%22c_c%22%3a%22CH%22%2c%22r_c%22%3a%22ZH%22%2c%22city%22%3a%22Zurich%22%2c%22zip%22%3a%228010%22%2c%22ct_c%22%3a%22EU%22%7d; sgid=fcd6f883-9586-4cac-a056-8c748ed2dc6e; visit_utms=#####; bgid=0e78b101-ae43-4747-9366-a762d9542dee; dvc=d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.resumehelp.com/user/login

Response headers

cache-control
private
content-length
982
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; redirectHttpToHttps
date
Fri, 03 Sep 2021 14:16:38 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDF4Z7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2659
date
Fri, 03 Sep 2021 13:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 03 Sep 2021 15:32:19 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-784142493
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDF4Z7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04f4b6629233a3e497711e155d0404f36c3ce827890f8a01d74e57c0b4f71e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39265
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Sep 2021 14:16:38 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=524101569&t=pageview&_s=1&dl=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20ResumeHelp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=844297888&gjid=42484832&cid=326460859.1630678598&tid=UA-45869953-5&_gid=1814885960.1630678598&_r=1&gtm=2wg910KDF4Z7&z=962695151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.resumehelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784142493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1adc98973162d5aec9e27c220cbdb0092fb8d04d190e56ce089711e5609e5b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14083
x-xss-protection
0
server
cafe
etag
13177423305000407383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 14:16:38 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
417a593ea7200afcd86cbb04b96a05793311a477c34c760f299f2186574d9975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 14:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47448
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 14:26:43 GMT
p
api.segment.io/v1/ 		21 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/hBgFpsIDwQZCp2RvTBs9pBA4lAgCf7d5/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.110.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-110-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.resumehelp.com
date
Fri, 03 Sep 2021 14:16:38 GMT
content-length
21
vary
Origin
content-type
application/json
blueshift.js
cdn.getblueshift.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/hBgFpsIDwQZCp2RvTBs9pBA4lAgCf7d5/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d48bba452ea39da370d7427cd3e52da7edc72d2f4f7fce5ac5b75caab213d918

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 03 Sep 2021 13:21:36 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 16 Aug 2021 21:35:46 GMT
Server
AmazonS3
Age
3302
ETag
"250477885b6aefaadaf146b9f311ccd0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA56-P2
Accept-Ranges
bytes
Content-Length
1971
X-Amz-Cf-Id
giuJTHSl-N3w6Pp4qsjk8o6FfO6LVH_2qgsIuWv0xl2CLuc7YcgWfA==
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/hBgFpsIDwQZCp2RvTBs9pBA4lAgCf7d5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:09:24 GMT
content-encoding
gzip
age
434
x-guploader-uploadid
ADPycdts0ilIyngbsRd8XTrxF9vWM5MXw5yI9juEP5jogq-g7N0BNMFO5SD7GQmzkl4lkDoAXOEdI93bdrG53Gi6kgE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 03 Sep 2021 14:19:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/784142493/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784142493/?random=1630678598304&cv=9&fst=1630678598304&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab30317fb86cf68ee52bf105f45747d55b515222398c09ec3caf8929cefaf9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1032
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/784142493/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784142493/?random=1630678598306&cv=9&fst=1630678598306&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dpage_view%3BuserId%3D&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
848fccf1fd7f82cd6753be2c6ef9404b1dab714a6189c4fd88d7685c3612d19d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seal.min.js
seal.digicert.com/seals/cascade/ Frame BBD1 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.digicert.com/seals/cascade/seal.min.js
Requested by
Host: www.resumehelp.com
URL: https://www.resumehelp.com/app/Norton
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 03 Sep 2021 14:16:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Sep 2021 21:55:01 GMT
Server
nginx
ETag
W/"1df4-5cb0a3c0ab740"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
iframe
accounts.google.com/o/oauth2/ Frame AA6B 		513 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a5baf1640fa2d8099a00b39f8aba88bd37eb26cd1da42473491c97ac88ece68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AtDDlLm8FSGsyENX+QmYfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.resumehelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=XoY0m-FWdigbUAM0O6rVgYceFaoDe7INpsAlQducuhwvPix8FJrUrvJBv28e7xd0_gEL8fDThdSzAktwZ4WHcc2enhX-Z-lqhEBCQDpBSGSQTNVtVukeqCFCIzApewUlpRMx1RHVIj2SkmxUpJa_Rfk5P-f61X0yv6yg_p4zkvU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.resumehelp.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 03 Sep 2021 14:16:38 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-AtDDlLm8FSGsyENX+QmYfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.resumehelp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:31:21 GMT
x-content-type-options
nosniff
age
517517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 14:31:21 GMT
/
www.google.com/pagead/1p-user-list/784142493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/784142493/?random=1630678598306&cv=9&fst=1630677600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dpage_view%3BuserId%3D&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&async=1&fmt=3&is_vtc=1&random=475001111&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/784142493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/784142493/?random=1630678598306&cv=9&fst=1630677600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dpage_view%3BuserId%3D&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&async=1&fmt=3&is_vtc=1&random=475001111&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/784142493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/784142493/?random=1630678598304&cv=9&fst=1630677600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&async=1&fmt=3&is_vtc=1&random=4081205353&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/784142493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/784142493/?random=1630678598304&cv=9&fst=1630677600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&tiba=Login%20%7C%20ResumeHelp&async=1&fmt=3&is_vtc=1&random=4081205353&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 14:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.mixpanel.com/track/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1630678598350
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Fri, 03 Sep 2021 14:16:38 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.resumehelp.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
alt-svc
clear
content-length
1
4172457829-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame AA6B 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 10:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40512
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 00:29:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 10:49:53 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame AA6B 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.resumehelp.com&client_id=926120555361-kdhncgktg3n6ocuudoket9sg3i0t60m9.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Fri, 03 Sep 2021 14:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 03 Sep 2021 15:16:38 GMT
/
seal.digicert.com/seals/cascade/ Frame BBD1 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.digicert.com/seals/cascade/?tag=_fTDz3y4&referer=www.resumehelp.com&format=png&lang=en&an=min
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
235371dc600b7af64ae4cb18d2d4c8cb031ea71070dda334220a547f2572eb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 03 Sep 2021 14:16:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Sep 2021 00:00:00 +0000
Server
nginx
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-control
max-age=86400
Connection
keep-alive
Content-Length
4359
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Sat, 04 Sep 2021 04:30:48 +0000
unity.gif
api.getblueshift.com/ 		42 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.getblueshift.com/unity.gif?t=1630678599&e=pageload&r=&z=700822&x=a5376bc03794ca55404134c73d390e06&k=c627bd7d-ffde-4a0e-a1f5-1522407ae52f&u=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&Portal=ResumeHelp&Platform=Web&Login_Status=FALSE&Visitor_Type=Returning&url=https%3A%2F%2Fwww.resumehelp.com%2Fuser%2Flogin&path=%2Fuser%2Flogin&referrer=&search=&title=Login%20%7C%20ResumeHelp&_bsft_source=segment.com&anonymousId=2e6e63fc-13cf-43c7-bddd-4b5fc774cfbb&category=&name=
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.5.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-5-227.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.resumehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:16:39 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
content-transfer-encoding
binary
content-disposition
inline; filename="unity.gif"
x-xss-protection
1; mode=block
x-request-id
d20f645c-f49d-49b1-8745-cda1a39ad651
x-runtime
0.013948
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS, HEAD
content-type
image/gif
pragma
no-cache
access-control-expose-headers
ETag
cache-control
no-cache, no-store
access-control-allow-headers
*,x-requested-with,Content-Type,If-Modified-Since,If-None-Match
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| RB3 function| $ function| jQuery function| lazyloadImages function| onSignIn object| analytics object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| gtag object| gapi object| ___jsl object| blueshift string| _blueshiftid object| mixpanel function| normalize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| osapi string| req string| v object| xhr

5 Cookies

Domain/Path Name / Value
www.resumehelp.com/ Name: dvc
Value: d
www.resumehelp.com/ Name: visit_utms
Value: #####
.resumehelp.com/ Name: bgid
Value: 0e78b101-ae43-4747-9366-a762d9542dee
.resumehelp.com/ Name: sgid
Value: fcd6f883-9586-4cac-a056-8c748ed2dc6e
.resumehelp.com/ Name: uip
Value: %7b%22ip%22%3a%22185.236.201.226%22%2c%22c_c%22%3a%22CH%22%2c%22r_c%22%3a%22ZH%22%2c%22city%22%3a%22Zurich%22%2c%22zip%22%3a%228010%22%2c%22ct_c%22%3a%22EU%22%7d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
api-js.mixpanel.com
api.getblueshift.com
api.segment.io
apis.google.com
cdn.getblueshift.com
cdn.mxpnl.com
cdn.segment.com
cdnprod3.resumehelp.com
cdnprod4.resumehelp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
seal.digicert.com
ssl.gstatic.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.resumehelp.com
142.250.185.226
18.66.110.125
18.66.97.26
2600:1901:0:bc29::
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::200d
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
35.190.25.25
52.228.84.35
52.40.5.227
54.200.110.219
63.33.186.64
01d212818025437d7bcdb3d352db256fe4a5975c700334999f918982b0ca3fc4
04f4b6629233a3e497711e155d0404f36c3ce827890f8a01d74e57c0b4f71e02
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
093e15e3e105a4f8bcec11723f92e1a5dc1d420d67e0c68da85e61ada4e0ee26
0cd6bd563433e022232c012b8de600a68054fe3bc3ab49c1b166d8b3ac6dfdf7
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13ad1adc4e756066815b3bf985128ad1739479df079b582eff0ccf54adae6bea
1adc98973162d5aec9e27c220cbdb0092fb8d04d190e56ce089711e5609e5b25
235371dc600b7af64ae4cb18d2d4c8cb031ea71070dda334220a547f2572eb99
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
417a593ea7200afcd86cbb04b96a05793311a477c34c760f299f2186574d9975
42af7ef226144f1c69950329bb0083da469c183ab47e94e8acc613d486458013
6542a230e1b1f3d11cec9d86e1cf73bfe25694b7e498117ef185ba90ec587a38
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7153d867eadf9cbca2f924ca63ad10d195ae75f97faaf04e613a8d8a27909c8e
7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704
848fccf1fd7f82cd6753be2c6ef9404b1dab714a6189c4fd88d7685c3612d19d
8a5baf1640fa2d8099a00b39f8aba88bd37eb26cd1da42473491c97ac88ece68
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
93332e456590ca218420e38ea69309ca0c304112eeb6331486fd9c4bebe0134f
96d353680a4b4c7879028bc5cebabce51d46f61bcceaf68d98f7f32efeb0b5a3
a39ea618f3c16c11d9300c1d714a4255a3a64d520eb5d2241c43f0b73cab76f6
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab30317fb86cf68ee52bf105f45747d55b515222398c09ec3caf8929cefaf9f2
b80bb1b8cd4953db897490cc555ffbcc5c76a29c667489f07005ac299be4ed55
ccf992272ca07210a1730647f576070cb2f84d25fb83cda6841fc8149a9c75c2
d48bba452ea39da370d7427cd3e52da7edc72d2f4f7fce5ac5b75caab213d918
db01f54fa444a00c049538a3f68650826b76a9789fe03f999a37b6333cd23d3b
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62