urlscan.io logo urlscan.io
SecurityTrails logo

jobsqo.com Open in urlscan Pro
173.208.229.245  Public Scan

Go To Rescan Add Verdict Report
URL: https://jobsqo.com/levo.org/
Submission: On January 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 173.208.229.245, located in United States and belongs to WII, US. The main domain is jobsqo.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 15th 2022. Valid for: a year.
This is the only time jobsqo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    173.208.229.245 (United States)

ASN32097 (WII, US)
PTR: pod103.unisonserver.com
jobsqo.com
5    34.192.33.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-33-107.compute-1.amazonaws.com
levocu.financialhost.org
1    2600:9000:2570:1600:1d:fe78:dc80:93a1 (United States)

ASN16509 (AMAZON-02, US)
p-livechat-main.financialhost.org
1    54.231.167.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
botcopy-prod-html-loader.s3.amazonaws.com
8    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    13.226.175.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-8.mxp64.r.cloudfront.net
contactcenter-p-main.financialhost.org
3    143.204.215.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-69.fra53.r.cloudfront.net
widget.botcopy.com
1    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2600:1f18:41d6:7400:949b:17a7:fe84:2728 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cognito-identity.us-east-1.amazonaws.com
6    143.204.215.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-105.fra53.r.cloudfront.net
api.botcopy.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 financialhost.org
levocu.financialhost.org
p-livechat-main.financialhost.org — Cisco Umbrella Rank: 810459
contactcenter-p-main.financialhost.org — Cisco Umbrella Rank: 601666
1 MB
9 botcopy.com
widget.botcopy.com — Cisco Umbrella Rank: 140921
api.botcopy.com — Cisco Umbrella Rank: 151334
712 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
region1.google-analytics.com — Cisco Umbrella Rank: 2439
40 KB
5 amazonaws.com
botcopy-prod-html-loader.s3.amazonaws.com — Cisco Umbrella Rank: 544041
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1855
9 KB
2 jobsqo.com
jobsqo.com
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
76 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
37 7
Domain Requested by
8 www.google-analytics.com jobsqo.com
www.google-analytics.com
widget.botcopy.com
6 api.botcopy.com widget.botcopy.com
5 levocu.financialhost.org jobsqo.com
4 cognito-identity.us-east-1.amazonaws.com widget.botcopy.com
4 contactcenter-p-main.financialhost.org p-livechat-main.financialhost.org
3 widget.botcopy.com jobsqo.com
widget.botcopy.com
2 jobsqo.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com p-livechat-main.financialhost.org
1 fonts.googleapis.com widget.botcopy.com
1 botcopy-prod-html-loader.s3.amazonaws.com jobsqo.com
1 p-livechat-main.financialhost.org jobsqo.com
37 12

This site contains links to these domains. Also see Links.

Domain
levocu.financialhost.org
policies.google.com
Subject Issuer Validity Valid
jobsqo.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-15 -
2023-09-15		 a year crt.sh
*.financialhost.org
Go Daddy Secure Certificate Authority - G2		 2022-12-19 -
2024-01-20		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
botcopy.com
Amazon		 2022-07-26 -
2023-08-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
cognito-identity.us-east-1.amazonaws.com
Amazon		 2022-06-07 -
2023-07-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://jobsqo.com/levo.org/
Frame ID: CC95DD7AD1B2E18F8DC7DBDC0B8E8C5E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LEVOCU

Page URL History Show full URLs

  1. https://jobsqo.com/levo.org HTTP 301
    https://jobsqo.com/levo.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

37
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

12
Subdomains

13
IPs

3
Countries

2125 kB
Transfer

4245 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jobsqo.com/levo.org HTTP 301
    https://jobsqo.com/levo.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jobsqo.com/levo.org/
Redirect Chain
  • https://jobsqo.com/levo.org
  • https://jobsqo.com/levo.org/
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jobsqo.com/levo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.229.245 , United States, ASN32097 (WII, US),
Reverse DNS
pod103.unisonserver.com
Software
LiteSpeed /
Resource Hash
212fb47b143e9cdb2a02625edafda3bf262a1f45c28760fc92a4fb70fc128dc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 17:33:30 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-security-policy
upgrade-insecure-requests;
content-type
text/html
date
Fri, 20 Jan 2023 17:33:30 GMT
location
https://jobsqo.com/levo.org/
server
LiteSpeed
Default_5rTVJABMXj81_Default.bndl
levocu.financialhost.org/Themes/OrpheusDefaultTheme/Styles/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levocu.financialhost.org/Themes/OrpheusDefaultTheme/Styles/Default_5rTVJABMXj81_Default.bndl?v=ZnIFqDdKR7A2O6jJVTNgoswC4KLo4jWAssDj-YT4lno1%22
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.33.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-33-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d6f35d17a128e0fe3ec0c851b9981225204b8a171cb987ef356f9b7553b28623
Security Headers
Name Value
Content-Security-Policy connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 17:33:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="ALL ADM DEV PSAo COM OUR OTRo IND ONL"
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1151
Expires
-1
Mobile_Default_xtHDspGhEo41_Default.bndl
levocu.financialhost.org/Themes/OrpheusDefaultTheme/Styles/ 		121 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levocu.financialhost.org/Themes/OrpheusDefaultTheme/Styles/Mobile_Default_xtHDspGhEo41_Default.bndl?v=zxuMQcnaBlbqxQFe4JCkRNnuVyuCGMN9-wuUEwxcNxk1%22
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.33.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-33-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4a45582911c984fe9ae005f3d5e93c3859518987eb293f7b99ffa0f9d70c2abe
Security Headers
Name Value
Content-Security-Policy connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 17:33:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="ALL ADM DEV PSAo COM OUR OTRo IND ONL"
Cache-Control
no-cache
Connection
keep-alive
Content-Length
29122
Expires
-1
bundle.js
p-livechat-main.financialhost.org/dist/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-livechat-main.financialhost.org/dist/bundle.js
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2570:1600:1d:fe78:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48d10234fb804ac00c0b897223beb6a01ac8387c96ac9df2bcce2b63ba4adf80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:33:32 GMT
x-amz-meta-cache-control
no-cache, no-store, must-revalidate
via
1.1 8e27a1df0bfacc96034bdffd33a051aa.cloudfront.net (CloudFront)
last-modified
Thu, 01 Dec 2022 09:08:59 GMT
server
AmazonS3
x-amz-cf-pop
BCN50-P2
etag
"377a2074a965157ac2f45d19afb12fc2"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
1268936
x-amz-cf-id
78pW-6GPtaneFwQvsHvsAKgc1Uj1ZIStctlbkyyfG9UUxgVq3Y7seQ==
Logo.png
levocu.financialhost.org/Media/Default/Logo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levocu.financialhost.org/Media/Default/Logo/Logo.png
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.33.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-33-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
77c8ca9e87e397c5ed7b0d35b8c31130f11e1ac889f9d9743cffda7ea7478cdf
Security Headers
Name Value
Content-Security-Policy connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 17:33:31 GMT
Content-Security-Policy
connect-src 'self' wss://levocu.financialhost.org wss://*.twilio.com https://maps.geo.us-east-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://api.botcopy.com https://*.velaro.com https://*.orpheusdev.net https://*.mfmnow.com https://*.financialhost.org https://*.livetest-financialhost.org https://*.test-financialhost.org https://*.dev-financialhost.org wss://*.orpheusdev.net wss://*.test-financialhost.org wss://*.financialhost.org wss://*.livetest-financialhost.org wss://*.dev-financialhost.org
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 02 May 2022 14:24:45 GMT
Server
nginx
ETag
"80b4d65e305ed81:0"
Content-Type
image/png
P3P
CP="ALL ADM DEV PSAo COM OUR OTRo IND ONL"
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4490
h_BrAijMQbk1_Default.bndl
levocu.financialhost.org/bundle/script/Unspecified/ 		0
0
Equal
levocu.financialhost.org/Media/Default/Logo/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levocu.financialhost.org/Media/Default/Logo/Equal
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.33.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-33-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 17:33:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="ALL ADM DEV PSAo COM OUR OTRo IND ONL"
NCUA.jpg%22
levocu.financialhost.org/Media/Default/Logo/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levocu.financialhost.org/Media/Default/Logo/NCUA.jpg%22
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.33.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-33-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 17:33:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="ALL ADM DEV PSAo COM OUR OTRo IND ONL"
botcopyLoader.js
botcopy-prod-html-loader.s3.amazonaws.com/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://botcopy-prod-html-loader.s3.amazonaws.com/botcopyLoader.js
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.167.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e7b6c8389bdb5e1d094d5f63200f10e126e0c224fd7748751cb5d8bd6f0c44d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 17:33:32 GMT
Last-Modified
Thu, 09 Dec 2021 07:33:39 GMT
Server
AmazonS3
x-amz-request-id
V4M75DSS56GKYR4F
ETag
"292619c6b4669868d7be8f7a50b6807f"
Content-Type
application/javascript
Cache-Control
max-age=600
Accept-Ranges
bytes
Content-Length
6399
x-amz-id-2
7dUNkOb4Pwoq3NEe8em95/NGIL2dfPWUWdytTReOgqd1nVLLjnSVG2KC83XxkefhQwCzeteAMOo=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 16:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4304
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 18:21:47 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2055168911&t=pageview&_s=1&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAEADAAAAACAUI~&jid=408279280&gjid=1446925159&cid=702315406.1674236012&tid=UA-67286047-89&_gid=343902986.1674236012&_r=1&_slc=1&z=150752986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jobsqo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 17:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jobsqo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2055168911&t=pageview&_s=1&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAEADAAAAACAUI~&jid=408279280&gjid=1446925159&cid=702315406.1674236012&tid=UA-67286047-36&_gid=343902986.1674236012&_r=1&_slc=1&z=150752986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jobsqo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 17:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jobsqo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-8.mxp64.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-ast-applicationcontext,x-ast-applicationorigin,x-ast-clientapplicationid,x-tenant-id
Access-Control-Request-Method
POST
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-AST-ContactCenter-Auth-Token,X-Tenant-Id,X-AST-ApplicationContext,X-AST-ApplicationOrigin,X-AST-ClientApplicationId,X-AST-SessionId,X-AST-ApplicationOrigin
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 20 Jan 2023 17:33:32 GMT
via
1.1 e7bb40fae65694ea199c059324c79b1c.cloudfront.net (CloudFront)
x-amz-apigw-id
fDWA9FH5IAMFfjA=
x-amz-cf-id
oklMSBbCHIlqpZmn06Oavo-oYjC6warofaEC4VECSkIuSUJ9lrObUg==
x-amz-cf-pop
MXP64-C3
x-amzn-requestid
aa7ab059-4e2b-4ad0-ba6a-54198ec76e5a
x-cache
Miss from cloudfront
status
contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/status
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-8.mxp64.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-ast-applicationcontext,x-ast-applicationorigin,x-ast-clientapplicationid,x-tenant-id
Access-Control-Request-Method
POST
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-AST-ContactCenter-Auth-Token,X-Tenant-Id,X-AST-ApplicationContext,X-AST-ApplicationOrigin,X-AST-ClientApplicationId,X-AST-SessionId,X-AST-ApplicationOrigin
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 20 Jan 2023 17:33:32 GMT
via
1.1 e7bb40fae65694ea199c059324c79b1c.cloudfront.net (CloudFront)
x-amz-apigw-id
fDWA_F4tIAMFn8w=
x-amz-cf-id
hGY4wy_oewtkBie5XE3MEnXONXAi3xgGj5O7U0rtbklvQ1xKRYDRWQ==
x-amz-cf-pop
MXP64-C3
x-amzn-requestid
54842a8d-29a6-4619-b5f8-0674bdf330d6
x-cache
Miss from cloudfront
settings
contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/settings
Requested by
Host: p-livechat-main.financialhost.org
URL: https://p-livechat-main.financialhost.org/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-8.mxp64.r.cloudfront.net
Software
/
Resource Hash
0322ea1c722fd396658b5f8bce4e1d6bcbf8048860ec867f2b69084dea4fa63a

Request headers

x-tenant-id
LEVOCU
accept-language
de-DE,de;q=0.9
X-AST-ApplicationContext
ofm
X-AST-ClientApplicationId
livechat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept
application/json, text/plain, */*
X-AST-ApplicationOrigin
https://jobsqo.com/levo.org/
Referer
https://jobsqo.com/

Response headers

date
Fri, 20 Jan 2023 17:33:32 GMT
via
1.1 e7bb40fae65694ea199c059324c79b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
x-amzn-trace-id
Root=1-63cad06c-5aabc1d12ee96df90cde572a;Sampled=0
x-amzn-requestid
4c57d440-657d-4c94-a1f3-fc223f9a384c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
fDWA-HM-oAMFRVA=
content-length
4176
x-amz-cf-id
hOvjBi6k4W4ejSLnplL9L1em1Q73Afq4i5xYkCUc2bwpRx2uavUM0w==
status
contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/ 		17 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contactcenter-p-main.financialhost.org/contactcenter/v1/livechat/status
Requested by
Host: p-livechat-main.financialhost.org
URL: https://p-livechat-main.financialhost.org/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-8.mxp64.r.cloudfront.net
Software
/
Resource Hash
b048d78dba59f875411acc761b163b1d34f6b652773eec07e2225efed0a28ca7

Request headers

x-tenant-id
LEVOCU
accept-language
de-DE,de;q=0.9
X-AST-ApplicationContext
ofm
X-AST-ClientApplicationId
livechat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept
application/json, text/plain, */*
X-AST-ApplicationOrigin
https://jobsqo.com/levo.org/
Referer
https://jobsqo.com/

Response headers

date
Fri, 20 Jan 2023 17:33:32 GMT
via
1.1 e7bb40fae65694ea199c059324c79b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
x-amzn-trace-id
Root=1-63cad06c-78d285ea771aa9aa1a3f8038;Sampled=0
x-amzn-requestid
b9919379-3e62-4727-bb17-a89f666faa12
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
fDWBDE2FIAMFZ5A=
content-length
17
x-amz-cf-id
isTc7fWXqhA1WjVFrdvXpgMWN6A-IE8TKCX3zOCOqnfldz3VBvJtoQ==
injection.js
widget.botcopy.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.botcopy.com/js/injection.js
Requested by
Host: jobsqo.com
URL: https://jobsqo.com/levo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-69.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9565eae4701b8219852b868f42336da9bb2c9e5fc4f970e0018e9800faebd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:30:27 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 14:31:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
186
etag
W/"d17a42f64cb987dc0311edcb3d8ffef1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-cf-id
WGcy5PmtF7Ix0hLyzoPr4nA_CLI54Zf6j0Oyc9nQd7svI0BY61idGw==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2055168911&t=timing&_s=2&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2076&pdt=1&dns=0&rrt=509&srt=122&tcp=0&dit=1252&clt=2049&_gst=1242&_gbt=1425&_u=YGBAAEADAAAAACAUI~&jid=&gjid=&cid=702315406.1674236012&tid=UA-67286047-89&_gid=343902986.1674236012&z=988965917
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 10:43:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24614
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2055168911&t=timing&_s=2&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2076&pdt=1&dns=0&rrt=509&srt=122&tcp=0&dit=1252&clt=2049&_gst=1242&_gbt=1425&_u=YGBAAEADAAAAACAUI~&jid=&gjid=&cid=702315406.1674236012&tid=UA-67286047-36&_gid=343902986.1674236012&z=988965917
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 10:43:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24614
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
master.css
widget.botcopy.com/static/css/ 		131 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.botcopy.com/static/css/master.css
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/js/injection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-69.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29c8fe1f52046bfcc8abf9ad4a9d55aba65644fd484c90f265fb5f8d2e14fe52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:31:06 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 14:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
154
etag
W/"2a24e23e37d38f9cdf781ab3c86bb349"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=300
x-amz-cf-id
u4q-M1mcEUbNsCEIYcvvdI3p_PzKJauAEnuai9VbGRoSwPths3IZwA==
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/js/injection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 17:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 16:02:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 17:33:32 GMT
master.js
widget.botcopy.com/static/js/ 		2 MB
684 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.botcopy.com/static/js/master.js
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/js/injection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-69.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67fc380d803d1198ba645916e73dd850945299c8d0c84127d74de78a440ef65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:30:27 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 14:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
186
etag
W/"a4399ccb29f129e94289ac0ab9c127e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-cf-id
jpv5wtodkzI7BuAOkbvn3WDS4jkK0pWL6H7YMgs9KL1iHNPWlQz3cg==
/
cognito-identity.us-east-1.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:949b:17a7:fe84:2728 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Fri, 20 Jan 2023 17:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
ce2c8076-fe41-4a82-847c-3702a49a9950
/
cognito-identity.us-east-1.amazonaws.com/ 		63 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:949b:17a7:fe84:2728 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
9a8736606cb15cb28c8407de41f90f2c217b4f8757d16e5daab5963ceee79eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
e2264445f40aeb27e135436b31a16423127c055ca91db5e0292cbbed4e2fe483
Referer
https://jobsqo.com/
X-Amz-Target
AWSCognitoIdentityService.GetId
accept-language
de-DE,de;q=0.9
X-Amz-User-Agent
aws-sdk-js/2.1103.0 callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 17:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
b2d2f5d3-f03d-41f9-87ff-2b56a6f087e2
content-length
63
content-type
application/x-amz-json-1.1
62d83d73b7cb6c0009ccedd6
api.botcopy.com/bots/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/bots/62d83d73b7cb6c0009ccedd6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
botid
Access-Control-Request-Method
GET
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Authorization,botId,widgetVersion,Content-Type,Startlower,Text,X-Amz-Date,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 20 Jan 2023 17:33:32 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-apigw-id
fDWBCF3AIAMFmgA=
x-amz-cf-id
0ul4ygLb1b5eo8ezQZQxZYOq_QWs-DfZvO7qz8MnHF4tSP7HIaHO9Q==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
617117b9-aad7-450e-8f96-dd6ae35da4ef
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 16:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 18:21:47 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2055168911&t=pageview&_s=3&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&dp=%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAACAUI~&jid=&gjid=&cid=702315406.1674236012&tid=UA-67286047-89&_gid=343902986.1674236012&z=1758196150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 10:43:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24614
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2055168911&t=pageview&_s=3&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&dp=%2Flevo.org%2F&ul=en-us&de=UTF-8&dt=LEVOCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAACAUI~&jid=&gjid=&cid=702315406.1674236012&tid=UA-67286047-36&_gid=343902986.1674236012&z=1758196150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 10:43:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24614
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
62d83d73b7cb6c0009ccedd6
api.botcopy.com/bots/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/bots/62d83d73b7cb6c0009ccedd6
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash
7d5c13e01ea26786138bfa7f3358dcc52de2a0b8a347f30e14f5175f2f8312bc

Request headers

Accept
application/json, text/plain, */*
Referer
https://jobsqo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
botId
62d83d73b7cb6c0009ccedd6

Response headers

date
Fri, 20 Jan 2023 17:33:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
9a0a89fa-707f-40f7-9a7b-f4c5edce93c5
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
fDWBEEseoAMF_wQ=
content-length
4150
x-amzn-trace-id
Root=1-63cad06d-382bac5866e38e206d76a250;Sampled=0
vary
origin,accept-encoding
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://jobsqo.com
accept
application/json
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
api-version
1.1.383
x-amzn-remapped-date
Fri, 20 Jan 2023 17:33:33 GMT
x-amz-cf-id
sr89-_Xooh7hcqWz0ynCIC5duUOBmdPC4wVHnZdjtyKRKFPa3yfzLQ==
/
cognito-identity.us-east-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:949b:17a7:fe84:2728 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8bb7f6d526bf5d05f88c51058128b59767fe309615d70efc053c86022f210837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
9a8736606cb15cb28c8407de41f90f2c217b4f8757d16e5daab5963ceee79eee
Referer
https://jobsqo.com/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
de-DE,de;q=0.9
X-Amz-User-Agent
aws-sdk-js/2.1103.0 callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 17:33:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
9f3b09e9-61cb-49c4-8ca3-286a298d2a55
content-length
1776
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:949b:17a7:fe84:2728 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Fri, 20 Jan 2023 17:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
a437f4c6-19d9-45c2-b840-e745559e0c0d
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSZHBQRS55
Requested by
Host: p-livechat-main.financialhost.org
URL: https://p-livechat-main.financialhost.org/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f0aa3165747f8e5a818efe60c2915bd80a29cdf894e08eb2ee6211f806bbc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:33:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77824
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 17:33:33 GMT
lang
api.botcopy.com/bots/ 		2 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/bots/lang
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash
959a45d44e6fcf58361ed004681556fe50129f2109e817dec098c00c9e5d2578

Request headers

Accept
application/json, text/plain, */*
Referer
https://jobsqo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
botId
62d83d73b7cb6c0009ccedd6

Response headers

date
Fri, 20 Jan 2023 17:33:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
2
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
c6f7ffc4-e332-4806-a2c4-405ef3842f84
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
fDWBLE_vIAMFhFA=
content-length
2
x-amzn-trace-id
Root=1-63cad06d-4ddf93201c583a1027bc66fa;Sampled=0
vary
origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jobsqo.com
accept
application/json
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
api-version
1.1.383
accept-ranges
bytes
x-amzn-remapped-date
Fri, 20 Jan 2023 17:33:33 GMT
x-amz-cf-id
bQ-96P4hIzh8xP-TSjDhIUBWNx31-I67zCVsu4kZxTM9j69DlJJYGg==
lang
api.botcopy.com/bots/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/bots/lang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
botid
Access-Control-Request-Method
GET
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Authorization,botId,widgetVersion,Content-Type,Startlower,Text,X-Amz-Date,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 20 Jan 2023 17:33:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-apigw-id
fDWBIHoGoAMF28Q=
x-amz-cf-id
v5L921cRZgLYdxrR_5dnrCvyVf1Jm6g7oHOCJvIxA8tJZZe9xteqbw==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
4abad42d-16ef-4bf5-ad62-ad95e135521d
x-cache
Miss from cloudfront
collect
region1.google-analytics.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSZHBQRS55&gtm=2oe1i0&_p=2055168911&cid=702315406.1674236012&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674236013&sct=1&seg=0&dl=https%3A%2F%2Fjobsqo.com%2Flevo.org%2F&dt=LEVOCU&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSZHBQRS55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jobsqo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 17:33:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jobsqo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62d83d73b7cb6c0009ccedd6
api.botcopy.com/session/bot/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/session/bot/62d83d73b7cb6c0009ccedd6
Requested by
Host: widget.botcopy.com
URL: https://widget.botcopy.com/static/js/master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash
3801cdb8e021de168f2036bdd1de0f7d2729cd4b54dba00e1e09748293ff125e

Request headers

Accept
application/json, text/plain, */*
Referer
https://jobsqo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
botId
62d83d73b7cb6c0009ccedd6
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 17:33:34 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
376
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
778b312f-a440-4bff-b74e-2e1feaf83a06
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
fDWBPHqroAMFQsA=
content-length
376
x-amzn-trace-id
Root=1-63cad06e-2d33fd9b028964622da33c1e;Sampled=0
vary
origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://jobsqo.com
accept
application/json
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
api-version
1.1.383
x-amzn-remapped-date
Fri, 20 Jan 2023 17:33:34 GMT
x-amz-cf-id
ExMBxY0yd2a0FkZ5kiACTZtbM7qg0b3BMYc6fE7sm9lggViL5kkPWw==
62d83d73b7cb6c0009ccedd6
api.botcopy.com/session/bot/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.botcopy.com/session/bot/62d83d73b7cb6c0009ccedd6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
botid,content-type
Access-Control-Request-Method
POST
Origin
https://jobsqo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Authorization,botId,widgetVersion,Content-Type,Startlower,Text,X-Amz-Date,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 20 Jan 2023 17:33:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-apigw-id
fDWBMGfzIAMFlXg=
x-amz-cf-id
Ilhe6ifaL3OsjbCb-ENv7eD2cLstONMRUmU8KAuqNXMcUvb2L7NG2w==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
9a5336fa-b49b-461b-a8ab-8709b17149ac
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
levocu.financialhost.org
URL
htts://levocu.financialhost.org/bundle/script/Unspecified/h_BrAijMQbk1_Default.bndl?v=Xv2qVBXmftGqLfVu8VcGhlt2_vlWH9WNIEXRftClVc41%22

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Chorus string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __debug__ function| __enableDebug function| __disableDebug object| regeneratorRuntime object| platform function| IMask object| s object| Botcopy undefined| _ function| setImmediate function| clearImmediate function| P number| 2f1acc6c3a606b082e5eef5e54414ffb number| __mobxInstanceCount object| __mobxGlobals object| AWS function| gtag object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady string| bcSID

4 Cookies

Domain/Path Name / Value
.jobsqo.com/ Name: _gid
Value: GA1.2.343902986.1674236012
.jobsqo.com/ Name: _gat
Value: 1
.jobsqo.com/ Name: _ga_TSZHBQRS55
Value: GS1.1.1674236013.1.0.1674236013.0.0.0
.jobsqo.com/ Name: _ga
Value: GA1.1.702315406.1674236012

3 Console Messages

Source Level URL
Text
network error URL: htts://levocu.financialhost.org/bundle/script/Unspecified/h_BrAijMQbk1_Default.bndl?v=Xv2qVBXmftGqLfVu8VcGhlt2_vlWH9WNIEXRftClVc41%22
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: https://levocu.financialhost.org/Media/Default/Logo/NCUA.jpg%22
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://levocu.financialhost.org/Media/Default/Logo/Equal
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.botcopy.com
botcopy-prod-html-loader.s3.amazonaws.com
cognito-identity.us-east-1.amazonaws.com
contactcenter-p-main.financialhost.org
fonts.googleapis.com
jobsqo.com
levocu.financialhost.org
p-livechat-main.financialhost.org
region1.google-analytics.com
widget.botcopy.com
www.google-analytics.com
www.googletagmanager.com
levocu.financialhost.org
13.226.175.8
143.204.215.105
143.204.215.69
173.208.229.245
2001:4860:4802:32::36
2600:1f18:41d6:7400:949b:17a7:fe84:2728
2600:9000:2570:1600:1d:fe78:dc80:93a1
2a00:1450:4001:827::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::200a
34.192.33.107
54.231.167.1
0322ea1c722fd396658b5f8bce4e1d6bcbf8048860ec867f2b69084dea4fa63a
212fb47b143e9cdb2a02625edafda3bf262a1f45c28760fc92a4fb70fc128dc8
29c8fe1f52046bfcc8abf9ad4a9d55aba65644fd484c90f265fb5f8d2e14fe52
3801cdb8e021de168f2036bdd1de0f7d2729cd4b54dba00e1e09748293ff125e
48d10234fb804ac00c0b897223beb6a01ac8387c96ac9df2bcce2b63ba4adf80
4a45582911c984fe9ae005f3d5e93c3859518987eb293f7b99ffa0f9d70c2abe
4f0aa3165747f8e5a818efe60c2915bd80a29cdf894e08eb2ee6211f806bbc39
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
67fc380d803d1198ba645916e73dd850945299c8d0c84127d74de78a440ef65b
77c8ca9e87e397c5ed7b0d35b8c31130f11e1ac889f9d9743cffda7ea7478cdf
7d5c13e01ea26786138bfa7f3358dcc52de2a0b8a347f30e14f5175f2f8312bc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bb7f6d526bf5d05f88c51058128b59767fe309615d70efc053c86022f210837
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
959a45d44e6fcf58361ed004681556fe50129f2109e817dec098c00c9e5d2578
9a8736606cb15cb28c8407de41f90f2c217b4f8757d16e5daab5963ceee79eee
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b048d78dba59f875411acc761b163b1d34f6b652773eec07e2225efed0a28ca7
d6f35d17a128e0fe3ec0c851b9981225204b8a171cb987ef356f9b7553b28623
d9565eae4701b8219852b868f42336da9bb2c9e5fc4f970e0018e9800faebd17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b6c8389bdb5e1d094d5f63200f10e126e0c224fd7748751cb5d8bd6f0c44d7