employee-screening.org Open in urlscan Pro
162.253.54.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://employee-screening.org/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2020, 1:09:52 am UTC)

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 162.253.54.78, located in Canada and belongs to AS33028, CA. The main domain is employee-screening.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 30th 2020. Valid for: 3 months.

This is the only time employee-screening.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	162.253.54.78 162.253.54.78	33028 (AS33028) (AS33028)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
25	4

12 162.253.54.78 (Canada)

ASN33028 (AS33028, CA)
PTR: compute-162-253-54-78.ca-ymq-1.vexxhost.net

employee-screening.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	employee-screening.org employee-screening.org	79 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	142 KB
4	doubleclick.net googleads.g.doubleclick.net
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	890 B
1	google.de adservice.google.de	890 B
25	6

	Domain	Requested by
12	employee-screening.org	employee-screening.org
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	employee-screening.org pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
25	7

This site contains links to these domains. Also see Links.

Domain
www.employee-screening.org

Subject Issuer	Validity	Valid
*.baltimore-plumbing.com Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://employee-screening.org/
Frame ID: B285B2396255F50118AFECB34FD21744
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/zrt_lookup.html
Frame ID: C4C606CE03D40D6EA1195B262D05DD74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&h=280&slotname=9735479648&adk=2694479662&adf=2228478200&w=336&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774866&bpp=18&bdt=54&idt=126&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1441199957245&frm=20&pv=2&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=682&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GL04gnISTS&p=https%3A//employee-screening.org&dtd=150
Frame ID: E26E0F5ECE53F69AF43D1E761FF26F49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&h=600&slotname=3688946045&adk=1901520341&adf=2702258891&w=160&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774884&bpp=3&bdt=72&idt=145&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U6baJhr09l&p=https%3A//employee-screening.org&dtd=149
Frame ID: 5BC7765D36BD18E0AD25BCD7183F1DB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&adk=1812271804&adf=3025194257&lmt=1578778123&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Femployee-screening.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598749774888&bpp=1&bdt=76&idt=148&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C160x600&nras=1&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=155
Frame ID: D89D26DAEA4E18A5D0E3AEDD8BDB03BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5E4D99BBB855BB71C2E1E3D89A0C23A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DreamWeaver (Editors) Expand

Overall confidence: 100%
Detected patterns

html /<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

250 kB
Transfer

524 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.employee-screening.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
employee-screening.org/ 8 KB
8 KB 531ms
139ms Document
text/html 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to

Full URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 43e5006b02d736a08f2ea027ac28bc1af6b45023b15fb207976dcebc5bc48b77

Request headers

Host: employee-screening.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:34 GMT
Server: Apache
Last-Modified: Sat, 11 Jan 2020 21:28:43 GMT
Accept-Ranges: bytes
Content-Length: 7851
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sitelogo.gif
employee-screening.org/ 2 KB
2 KB 146ms
144ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/sitelogo.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: e9933b064e2e9f5f094c87ca448fb1a5d9732caacc16f61bdc1fad8a297dce23

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:34 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:02 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1794

GET
H/1.1 200
OK explanation.gif
employee-screening.org/ 2 KB
2 KB 418ms
139ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/explanation.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 5ad3dfb71d00a493edfc4ce0372555fae1dab809a9104fba0a30d9b8e5fb6b2d

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:01 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1720

GET
H/1.1 200
OK multitop.gif
employee-screening.org/ 175 B
416 B 428ms
139ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/multitop.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 3636eb811fc84a3149aecd6498d976b75f706802efb58b3ab075ed3d29c82458

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 175

GET
H/1.1 200
OK jobresume.jpg
employee-screening.org/ 54 KB
54 KB 437ms
145ms Image
image/jpeg 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/jobresume.jpg
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 021c0ec7fef1495297892374904d0d7d7bac1b3d6c726beab80d4fb24c6d5901

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:01:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54980

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 126 KB
44 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: employee-screening.org
URL: https://employee-screening.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 01:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44783
x-xss-protection: 0
server: cafe
etag: 15476532164680559219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Aug 2020 01:09:34 GMT

GET
H/1.1 200
OK line.gif
employee-screening.org/ 67 B
307 B 545ms
135ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/line.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 0aa6bc3d04c61096ceca16d301d757b24f0f5cd1515809ee67a6587e3fd643bb

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:29 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67

GET
H/1.1 200
OK sp45.gif
employee-screening.org/ 52 B
292 B 551ms
137ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/sp45.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: eb8acd1204a5d169af64015fdbaafc570a96cc1534aeee9a8b503c625ef8f413

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:30 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 52

GET
H/1.1 200
OK sp176.gif
employee-screening.org/ 59 B
300 B 388ms
138ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/sp176.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: be54253f8fcae644a4f7c9fa93b6b865951aa92771dcf88b9883f27098842622

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:30 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 59

GET
H/1.1 200
OK intelius150.gif
employee-screening.org/ 4 KB
4 KB 385ms
137ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/intelius150.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: e3e6b0cefbab0c880a80d044452d1c773d3a383921911f2a78a974e69b9e70c8

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:01:50 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3965

GET
H/1.1 200
OK universalsquare.gif
employee-screening.org/ 7 KB
8 KB 262ms
141ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/universalsquare.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: a6c2829d93b4e22a8a88760f3976c92bdc21d1ded43ec00e525cf935321c785d

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:01:49 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7484

GET
H/1.1 200
OK multibottom.gif
employee-screening.org/ 228 B
469 B 139ms
139ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/multibottom.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: bd3d23c476b0289ef9b05e67992d48310cd77e91b14bd5cebd7970b56cb619ff

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:29 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 228

GET
H/1.1 200
OK downdivision.gif
employee-screening.org/ 54 B
295 B 390ms
138ms Image
image/gif 162.253.54.78
AS33028

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employee-screening.org/downdivision.gif
Requested by: Host: employee-screening.org
URL: https://employee-screening.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.253.54.78 , Canada, ASN33028 (AS33028, CA),
Reverse DNS: compute-162-253-54-78.ca-ymq-1.vexxhost.net
Software: Apache /
Resource Hash: 79725fa9719456fb12a10ee1789023d6c102907ca948dfe931a335ec7b53e04f

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 01:09:35 GMT
Last-Modified: Tue, 29 Oct 2019 18:02:28 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=employee-screening.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Aug 2020 01:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 35ms
14ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=employee-screening.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Aug 2020 01:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/ 227 KB
85 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c1d20826994c67c1265ef889d958473b445fafb58adbdf4496c033ba0512c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 01:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87089
x-xss-protection: 0
server: cafe
etag: 1151439128444404900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Aug 2020 01:09:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/ Frame C4C6 0
0 9ms
9ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200826/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://employee-screening.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://employee-screening.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 26 Aug 2020 18:38:56 GMT
expires: Wed, 09 Sep 2020 18:38:56 GMT
content-type: text/html; charset=UTF-8
etag: 1003971328536524430
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 282638
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E26E 0
0 378ms
378ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&h=280&slotname=9735479648&adk=2694479662&adf=2228478200&w=336&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774866&bpp=18&bdt=54&idt=126&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1441199957245&frm=20&pv=2&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=682&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GL04gnISTS&p=https%3A//employee-screening.org&dtd=150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7659144104460700&output=html&h=280&slotname=9735479648&adk=2694479662&adf=2228478200&w=336&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774866&bpp=18&bdt=54&idt=126&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1441199957245&frm=20&pv=2&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=682&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GL04gnISTS&p=https%3A//employee-screening.org&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://employee-screening.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://employee-screening.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Aug 2020 01:09:35 GMT
server: cafe
content-length: 22000
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-Aug-2020 01:24:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Aug 2020 01:09:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cd7f36d0527b2542d797a58ec0954f677c68f89af81251ae7a064bb84ac366a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 01:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1598614337952014"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27470
x-xss-protection: 0
expires: Sun, 30 Aug 2020 01:09:35 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5BC7 0
0 209ms
208ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&h=600&slotname=3688946045&adk=1901520341&adf=2702258891&w=160&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774884&bpp=3&bdt=72&idt=145&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U6baJhr09l&p=https%3A//employee-screening.org&dtd=149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7659144104460700&output=html&h=600&slotname=3688946045&adk=1901520341&adf=2702258891&w=160&lmt=1578778123&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Femployee-screening.org%2F&flash=0&wgl=1&adsid=NT&dt=1598749774884&bpp=3&bdt=72&idt=145&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U6baJhr09l&p=https%3A//employee-screening.org&dtd=149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://employee-screening.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://employee-screening.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Aug 2020 01:09:35 GMT
server: cafe
content-length: 21683
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-Aug-2020 01:24:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Aug 2020 01:09:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D89D 0
0 15ms
15ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7659144104460700&output=html&adk=1812271804&adf=3025194257&lmt=1578778123&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Femployee-screening.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598749774888&bpp=1&bdt=76&idt=148&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C160x600&nras=1&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7659144104460700&output=html&adk=1812271804&adf=3025194257&lmt=1578778123&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Femployee-screening.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598749774888&bpp=1&bdt=76&idt=148&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C160x600&nras=1&correlator=1441199957245&frm=20&pv=1&ga_vid=1320306440.1598749775&ga_sid=1598749775&ga_hid=1349139751&ga_fc=0&iag=0&icsg=2730&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530622%2C44723322%2C21066467%2C21066923%2C21066807&oid=3&pvsid=2704978318719923&pem=821&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://employee-screening.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://employee-screening.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Aug 2020 01:09:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-Aug-2020 01:24:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Aug 2020 01:09:35 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
26ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200826&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6523257f87be9822aa12c1aca1ee8e5b5c031039cf48218afd4c898e2ce55b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Aug 2020 01:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6177
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 01:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 30 Aug 2020 01:09:35 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5E4D 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://employee-screening.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://employee-screening.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sun, 30 Aug 2020 00:00:35 GMT
expires: Mon, 30 Aug 2021 00:00:35 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4140
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
174 B 41ms
41ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200826&jk=2704978318719923&bg=!enmleWFYPAaImnrnE9MCAAAAXVIAAAAOCgHd0_lO6QNXoOLu_b79mOA8ytX9N4F7OFuDvJ2AabUHFU1kMWDG0NEsuqV38DrVwVPm43nTjoVNzMGpzwWCeYysn3na6eL-4wQhYF19gl9OYclLqobT7OUdS1XTxSrHSIHB1I4cZx6lW8zyUn2OsRtYma1qq0rHZZh9xOPsc03fGL5-0j4P1fbh4pljG0w6VW4MtBlAr3GTHoXddQCSoEPGtMD51s0TpMDVeVNjyOCLTC6qLYwrE4_xegEB5hkHtNlMjt2vM0RPn1biq1H8fsveTYOhmrPYpHpaykEvZtXRClUUFNVtw3kcYglpG-TP36vId2JyeO5Ql9AoQZkInZ0qKQ0YaK-fBqYw-yx0liwm8aZKSaek6DaSZRSv-wRt1chQGFttJx5TnxeZLhpkvEf3hoN-LEfIHIlhrYwuIsdh6V8uf3CsRYPczo95Cw_-_culfJksGrruZ4x1GKZnnBV6ogoRvrjLb5QLmpsWc9jdfSkPlKij-rpO8cTRob8-ie23trkVnlXdnD0DHMClbtzg-fJSBytsBox4EDFlKxi8Dbyb23rz8bjEEx6ydRHgN9FQMggc1g7xyhPASIFzpbgsaK3-INRDjMfYpDIqL_js6g4hR703CgEp9OsmBsnkmQGtScnrzN_PHsqpKLTvxLc4wVgOluA-O71JBi8-9aDYyfpaZwnYZjZrEYmEjlYnfYvQ834ZsO-SX7yToJuUhGZEQBZfcVF6vJQ8jjrg9HvHJROEQQL2Sa1LeDI_yjh5x0LJPDw284UvRzqQ1V-JUYEClHrhCM8MWNsM_nFqtdvyIpkfiQkI0MohN0RA8XZacrrTg-MmSMkAu6_Kdn8mfAwGZtisfthWONdAp23l7GOCOV_9JU-uNSx7-R6icY-qXptgUcK8ruOHWGIMQdbLR-eLr57nialSmkPSn5sp-qBDloSJh-oFACWIt-SL4B1VBQ11-jOfkuA9_QG4ILwNfOcBodE5_lYUpX2oxm3BWT_n5z8fEZpDI1Jt7NKGukCKrp3ZW9b5Oo7kJ7LXXOu6nJ-GnI_l4Ko2Lrtcj68tOQaD5zeuhSe2u896SsTCgfDrtLm-W6zcRLsMuYh6FCibwqv94jM3epmqI1aaGGkkUAAPJBZaAjgVqrFVT46m3egV6rnY8pCQ-FRD1y7lqU6K7HzwD0D4_inKKt0Bi4PpSnK_ZF7DthNkVkso3D95F3sz

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employee-screening.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Aug 2020 01:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 12:05:53	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-19 21:27:25	Name: IDE Value: AHWqTUliltKdnbw_cGnu002FFpME6YBFCpG1fWRPnJk9-cxLOgNTSIPq5luqWvDM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
employee-screening.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
162.253.54.78
2a00:1450:4001:80b::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2002
021c0ec7fef1495297892374904d0d7d7bac1b3d6c726beab80d4fb24c6d5901
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0aa6bc3d04c61096ceca16d301d757b24f0f5cd1515809ee67a6587e3fd643bb
3636eb811fc84a3149aecd6498d976b75f706802efb58b3ab075ed3d29c82458
43e5006b02d736a08f2ea027ac28bc1af6b45023b15fb207976dcebc5bc48b77
4cd7f36d0527b2542d797a58ec0954f677c68f89af81251ae7a064bb84ac366a
5ad3dfb71d00a493edfc4ce0372555fae1dab809a9104fba0a30d9b8e5fb6b2d
6c1d20826994c67c1265ef889d958473b445fafb58adbdf4496c033ba0512c8c
79725fa9719456fb12a10ee1789023d6c102907ca948dfe931a335ec7b53e04f
a6523257f87be9822aa12c1aca1ee8e5b5c031039cf48218afd4c898e2ce55b6
a6c2829d93b4e22a8a88760f3976c92bdc21d1ded43ec00e525cf935321c785d
bd3d23c476b0289ef9b05e67992d48310cd77e91b14bd5cebd7970b56cb619ff
be54253f8fcae644a4f7c9fa93b6b865951aa92771dcf88b9883f27098842622
d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e6b0cefbab0c880a80d044452d1c773d3a383921911f2a78a974e69b9e70c8
e9933b064e2e9f5f094c87ca448fb1a5d9732caacc16f61bdc1fad8a297dce23
eb8acd1204a5d169af64015fdbaafc570a96cc1534aeee9a8b503c625ef8f413

employee-screening.org Open in urlscan Pro 162.253.54.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

75 %IPv6

6 Domains

7 Subdomains

4 IPs

2 Countries

250 kBTransfer

524 kBSize

2 Cookies

1 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

2 Cookies

Indicators

employee-screening.org Open in urlscan Pro
162.253.54.78 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

250 kB
Transfer

524 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions