bonsempregos.site Open in urlscan Pro
2606:4700:3030::681b:901b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://compartilhandopremios.club/previdencia
Effective URL:
https://bonsempregos.site/previdencia/
Submission: On March 30 via manual (March 30th 2020, 3:38:39 pm UTC) from BR

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3030::681b:901b, located in United States and belongs to CLOUDFLARENET, US. The main domain is bonsempregos.site.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 27th 2020. Valid for: 6 months.

This is the only time bonsempregos.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700:303... 2606:4700:3032::6818:785e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 21	2606:4700:303... 2606:4700:3030::681b:901b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
30	8

3 2606:4700:3032::6818:785e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

compartilhandopremios.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3030::681b:901b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

bonsempregos.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bonsempregos.site 2 redirects bonsempregos.site	262 KB
3	compartilhandopremios.club 2 redirects compartilhandopremios.club	830 B
2	google-analytics.com www.google-analytics.com	18 KB
2	googlesyndication.com pagead2.googlesyndication.com	123 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	imgur.com i.imgur.com	46 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	onesignal.com cdn.onesignal.com	3 KB
0	platinium.best Failed www.platinium.best Failed
30	10

	Domain	Requested by
21	bonsempregos.site	2 redirects bonsempregos.site
3	compartilhandopremios.club	2 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	pagead2.googlesyndication.com	bonsempregos.site pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	i.imgur.com	bonsempregos.site
1	www.googletagmanager.com	bonsempregos.site
1	cdn.onesignal.com	bonsempregos.site
0	www.platinium.best Failed	bonsempregos.site
30	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-03-20` - `2020-09-26`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.platinium.best/?sl=4836766-b8096&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
Frame ID: 00D3DDE1027434047DCB4F11A449C2FF
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://compartilhandopremios.club/previdencia HTTP 301
http://compartilhandopremios.club/previdencia/ HTTP 301
https://compartilhandopremios.club/previdencia/ Page URL
https://bonsempregos.site/previdencia HTTP 301
http://bonsempregos.site/previdencia/ HTTP 301
https://bonsempregos.site/previdencia/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

30
Requests

97 %
HTTPS

86 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

480 kB
Transfer

845 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://compartilhandopremios.club/previdencia HTTP 301
http://compartilhandopremios.club/previdencia/ HTTP 301
https://compartilhandopremios.club/previdencia/ Page URL
https://bonsempregos.site/previdencia HTTP 301
http://bonsempregos.site/previdencia/ HTTP 301
https://bonsempregos.site/previdencia/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://compartilhandopremios.club/previdencia HTTP 301
http://compartilhandopremios.club/previdencia/ HTTP 301
https://compartilhandopremios.club/previdencia/

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
compartilhandopremios.club/previdencia/
Redirect Chain

https://compartilhandopremios.club/previdencia
http://compartilhandopremios.club/previdencia/
https://compartilhandopremios.club/previdencia/

154 B
175 B

15ms
15ms

Document
text/html

2606:4700:3032::6818:785e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://compartilhandopremios.club/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:785e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87127f5597d5c198e1198d375abb95a8f7420ee5718efd60e630cbf3e99fb0a

Request headers

:method: GET
:authority: compartilhandopremios.club
:scheme: https
:path: /previdencia/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dab50cfea7c3a7db93858918a79c4b1d61585582686
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Mon, 30 Mar 2020 15:38:06 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 13:42:38 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57c2ea6e5d38324c-FRA
content-encoding: br

Redirect headers

Date: Mon, 30 Mar 2020 15:38:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Mar 2020 16:38:06 GMT
Location: https://compartilhandopremios.club/previdencia/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 57c2ea6e3b5fdfc7-FRA

GET
H2

200

Primary Request / Show response
bonsempregos.site/previdencia/
Redirect Chain

https://bonsempregos.site/previdencia
http://bonsempregos.site/previdencia/
https://bonsempregos.site/previdencia/

21 KB
7 KB

28ms
28ms

Document
text/html

2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba37989810e15394d7dfe9160c953f1a65b5af53ef31f03f75c7fb1a8b9a05ef

Request headers

:method: GET
:authority: bonsempregos.site
:scheme: https
:path: /previdencia/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d55a7cb03d08c6efb3bf7f8e4fb82f23e1585582687
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://compartilhandopremios.club/previdencia/

Response headers

status: 200
date: Mon, 30 Mar 2020 15:38:07 GMT
content-type: text/html
last-modified: Fri, 27 Mar 2020 20:01:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57c2ea765fdec2f9-FRA
content-encoding: br

Redirect headers

Date: Mon, 30 Mar 2020 15:38:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Mar 2020 16:38:07 GMT
Location: https://bonsempregos.site/previdencia/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 57c2ea763af0dfc3-FRA

GET /
www.platinium.best/ 0
0

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 108 KB
38 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39155
x-xss-protection: 0
server: cafe
etag: 18020887556007674622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Mar 2020 15:38:07 GMT

GET
H2 200 OneSignalSDK.js
cdn.onesignal.com/sdks/ 8 KB
3 KB 29ms
13ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1448
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 57c2ea76aae5dff7-FRA
expires: Tue, 31 Mar 2020 03:38:07 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 75 KB
28 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135653682-1

Requested by

Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28643
x-xss-protection: 0
last-modified: Mon, 30 Mar 2020 15:06:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Mar 2020 15:38:07 GMT

GET
H2 200 jquery-2.2.4.min.js
bonsempregos.site/previdencia/index_files/ 84 KB
29 KB 19ms
18ms Script
application/javascript 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bonsempregos.site/previdencia/index_files/jquery-2.2.4.min.js
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:55 GMT
server: cloudflare
age: 3390
etag: W/"5e7e5bb3-14e4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 57c2ea769865c2f9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
bonsempregos.site/previdencia/index_files/ 8 KB
2 KB 17ms
16ms Stylesheet
text/css 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bonsempregos.site/previdencia/index_files/styles.css
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:59 GMT
server: cloudflare
age: 3390
etag: W/"5e7e5bb7-2121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 57c2ea769862c2f9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 customb4f3b4f3b4f3.js
bonsempregos.site/previdencia/index_files/ 4 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bonsempregos.site/previdencia/index_files/customb4f3b4f3b4f3.js
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:54 GMT
server: cloudflare
age: 3390
etag: W/"5e7e5bb2-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 57c2ea769866c2f9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20cgbEG.jpg
i.imgur.com/ 46 KB
46 KB 66ms
23ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/20cgbEG.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
age: 580383
x-cache: HIT, HIT
status: 200
content-length: 47013
x-served-by: cache-bwi5136-BWI, cache-fra19179-FRA
last-modified: Mon, 28 Oct 2019 13:59:46 GMT
server: cat factory 1.0
x-timer: S1585582688.856010,VS0,VE1
etag: "a25c135240921f2cd6f5e7a5080d9ec6"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 spinner.gif
bonsempregos.site/previdencia/index_files/ 55 KB
55 KB 16ms
16ms Image
image/gif 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/spinner.gif
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:58 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb6-dc3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea76e98dc2f9-FRA
content-length: 56379
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment1.jpg
bonsempregos.site/previdencia/index_files/ 3 KB
3 KB 12ms
11ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment1.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:49 GMT
server: cloudflare
age: 3390
etag: "5e7e5bad-d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea7709d7c2f9-FRA
content-length: 3418
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment2.jpg
bonsempregos.site/previdencia/index_files/ 4 KB
4 KB 15ms
15ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment2.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:50 GMT
server: cloudflare
age: 3390
etag: "5e7e5bae-f03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea772a27c2f9-FRA
content-length: 3843
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment3.jpg
bonsempregos.site/previdencia/index_files/ 3 KB
3 KB 13ms
13ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment3.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:50 GMT
server: cloudflare
age: 3390
etag: "5e7e5bae-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea773a72c2f9-FRA
content-length: 3121
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment4.jpg
bonsempregos.site/previdencia/index_files/ 3 KB
3 KB 16ms
16ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment4.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:51 GMT
server: cloudflare
age: 3390
etag: "5e7e5baf-a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea774ab0c2f9-FRA
content-length: 2714
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment5.jpg
bonsempregos.site/previdencia/index_files/ 4 KB
4 KB 17ms
17ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment5.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:51 GMT
server: cloudflare
age: 3390
etag: "5e7e5baf-10ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea775ac0c2f9-FRA
content-length: 4330
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment6.jpg
bonsempregos.site/previdencia/index_files/ 2 KB
2 KB 11ms
11ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment6.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:52 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb0-740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea776aefc2f9-FRA
content-length: 1856
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment7.jpg
bonsempregos.site/previdencia/index_files/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment7.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:52 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb0-14ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea777afbc2f9-FRA
content-length: 5357
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment8.jpg
bonsempregos.site/previdencia/index_files/ 3 KB
3 KB 14ms
13ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment8.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:53 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb1-d79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea777b25c2f9-FRA
content-length: 3449
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment9.jpg
bonsempregos.site/previdencia/index_files/ 4 KB
4 KB 13ms
13ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment9.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:53 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb1-e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea778b3ac2f9-FRA
content-length: 3696
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment10.jpg
bonsempregos.site/previdencia/index_files/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment10.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:49 GMT
server: cloudflare
age: 3390
etag: "5e7e5bad-959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea779b64c2f9-FRA
content-length: 2393
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment11.jpg
bonsempregos.site/previdencia/index_files/ 6 KB
6 KB 32ms
32ms Image
image/jpeg 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/comment11.jpg
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:49 GMT
server: cloudflare
age: 3390
etag: "5e7e5bad-1613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea77ab85c2f9-FRA
content-length: 5651
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 EoZE3Gl.png
bonsempregos.site/previdencia/index_files/ 120 KB
120 KB 17ms
16ms Image
image/png 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/EoZE3Gl.png
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:55 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb3-1e098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea77ab9cc2f9-FRA
content-length: 123032
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 iks.png
bonsempregos.site/previdencia/index_files/ 16 B
16 B 23ms
22ms Image
text/html 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/iks.png
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: max-age=14400
cf-ray: 57c2ea77cbe9c2f9-FRA

GET
H2 200 site-seguro.png
bonsempregos.site/previdencia/index_files/ 7 KB
7 KB 13ms
13ms Image
image/png 2606:4700:3030::681b:901b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsempregos.site/previdencia/index_files/site-seguro.png
Requested by: Host: bonsempregos.site
URL: https://bonsempregos.site/previdencia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:901b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Mar 2020 20:01:58 GMT
server: cloudflare
age: 3390
etag: "5e7e5bb6-1b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57c2ea77dbebc2f9-FRA
content-length: 6959
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bonsempregos.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bonsempregos.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/ 225 KB
85 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 15:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 86411
x-xss-protection: 0
server: cafe
etag: 14090742720300430934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Mar 2020 15:38:07 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135653682-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3572
date: Mon, 30 Mar 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 30 Mar 2020 16:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=307475155&t=pageview&_s=1&dl=https%3A%2F%2Fbonsempregos.site%2Fprevidencia%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1037375070&gjid=990871337&cid=1963993615.1585582688&tid=UA-135653682-1&_gid=248914146.1585582688&_r=1&gtm=2ou3i0&z=1993343157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bonsempregos.site/previdencia/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 30 Mar 2020 15:38:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.platinium.best
URL: https://www.platinium.best/?sl=4836766-b8096&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bonsempregos.site
cdn.onesignal.com
compartilhandopremios.club
i.imgur.com
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.platinium.best
www.platinium.best
151.101.12.193
2606:4700:3030::681b:901b
2606:4700:3032::6818:785e
2606:4700::6812:e134
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2008
b87127f5597d5c198e1198d375abb95a8f7420ee5718efd60e630cbf3e99fb0a
ba37989810e15394d7dfe9160c953f1a65b5af53ef31f03f75c7fb1a8b9a05ef

bonsempregos.site Open in urlscan Pro 2606:4700:3030::681b:901b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

86 %IPv6

10 Domains

10 Subdomains

8 IPs

2 Countries

480 kBTransfer

845 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bonsempregos.site Open in urlscan Pro
2606:4700:3030::681b:901b Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

86 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

480 kB
Transfer

845 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions