urlscan.io logo urlscan.io
SecurityTrails logo

higherincomejobs.com Open in urlscan Pro
3.83.210.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://supporthigherincomejobs.com/
Effective URL: https://higherincomejobs.com/404
Submission: On August 29 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 46 HTTP transactions. The main IP is 3.83.210.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is higherincomejobs.com. The Cisco Umbrella rank of the primary domain is 213816.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 24th 2024. Valid for: a year.
This is the only time higherincomejobs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.245.236.109 (United States)

ASN27323 (SERVERSTADIUM, US)
supporthigherincomejobs.com
4    3.83.210.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-210-27.compute-1.amazonaws.com
higherincomejobs.com
2    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
www.googleadservices.com
4    2600:9000:211c:a200:1:dc01:1140:21 (United States)

ASN16509 (AMAZON-02, US)
d1mr0pnhlzkpc5.cloudfront.net
4    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
securepubads.g.doubleclick.net
2    104.21.234.144 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.lr-in.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
2    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c0b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net
www.google.ca
1    142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net
www.googletagmanager.com
1    2600:1f13:d01:900:2841:d3f3:3f97:71f3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
capi.higherincomejobs.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
533 B
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
363 KB
5 higherincomejobs.com
higherincomejobs.com — Cisco Umbrella Rank: 213816
capi.higherincomejobs.com — Cisco Umbrella Rank: 363284
19 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
4 cloudfront.net
d1mr0pnhlzkpc5.cloudfront.net
276 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 Failed
149 KB
2 lr-in.com
cdn.lr-in.com — Cisco Umbrella Rank: 52298
176 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
19 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 238
1 gstatic.com
fonts.gstatic.com
19 KB
1 supporthigherincomejobs.com
supporthigherincomejobs.com
296 B
46 16
Domain Requested by
6 www.googletagmanager.com higherincomejobs.com
www.googletagmanager.com
www.google-analytics.com
4 securepubads.g.doubleclick.net www.googletagservices.com
d1mr0pnhlzkpc5.cloudfront.net
4 bat.bing.com higherincomejobs.com
bat.bing.com
4 d1mr0pnhlzkpc5.cloudfront.net higherincomejobs.com
d1mr0pnhlzkpc5.cloudfront.net
4 higherincomejobs.com d1mr0pnhlzkpc5.cloudfront.net
2 www.facebook.com higherincomejobs.com
2 stats.g.doubleclick.net www.googletagmanager.com
d1mr0pnhlzkpc5.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
d1mr0pnhlzkpc5.cloudfront.net
2 connect.facebook.net d1mr0pnhlzkpc5.cloudfront.net
connect.facebook.net
2 cdn.lr-in.com d1mr0pnhlzkpc5.cloudfront.net
2 www.googleadservices.com higherincomejobs.com
2 www.googletagservices.com higherincomejobs.com
2 fonts.googleapis.com higherincomejobs.com
1 capi.higherincomejobs.com d1mr0pnhlzkpc5.cloudfront.net
1 www.google.ca higherincomejobs.com
1 td.doubleclick.net www.googletagmanager.com
1 analytics.google.com d1mr0pnhlzkpc5.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 supporthigherincomejobs.com 1 redirects
46 19

This site contains no links.

Subject Issuer Validity Valid
higherincomejobs.com
Amazon RSA 2048 M02		 2024-05-24 -
2025-06-22		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.googleadservices.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
lr-in.com
WE1		 2024-07-05 -
2024-10-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-07 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
capi.higherincomejobs.com
R11		 2024-07-09 -
2024-10-07		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://higherincomejobs.com/404
Frame ID: A491D8102EA3EDAB02FA2E5FD4150F88
Requests: 44 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-91XJ5ELN91&gacid=487859389.1724917689&gtm=45je48r0v9123573987z872637325za200zb72637325&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=171679174
Frame ID: 6623A9B9DEC6E678AFB1E35F50B9C773
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Higher Income Jobs

Page URL History Show full URLs

  1. https://supporthigherincomejobs.com/ HTTP 301
    https://higherincomejobs.com/ Page URL
  2. https://higherincomejobs.com/404 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

93 %
HTTPS

60 %
IPv6

16
Domains

19
Subdomains

20
IPs

2
Countries

1096 kB
Transfer

6405 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://supporthigherincomejobs.com/ HTTP 301
    https://higherincomejobs.com/ Page URL
  2. https://higherincomejobs.com/404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://supporthigherincomejobs.com/ HTTP 301
  • https://higherincomejobs.com/

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
higherincomejobs.com/
Redirect Chain
  • https://supporthigherincomejobs.com/
  • https://higherincomejobs.com/
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.83.210.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-210-27.compute-1.amazonaws.com
Software
/
Resource Hash
4b7fc720cbb95aa41f4a080c5ab158da47d9b0a1fd251262d992d6d717a10992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 29 Aug 2024 07:48:08 GMT
pragma
no-cache

Redirect headers

Connection
Keep-Alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 29 Aug 2024 07:48:07 GMT
Keep-Alive
timeout=5, max=100
Location
https://higherincomejobs.com/
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
css2
fonts.googleapis.com/ 		34 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto+Slab:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Nunito+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
808859f62792c7c0882b959029db50b0addbf37986643059f419d0ed535d1689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 07:48:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Aug 2024 07:48:08 GMT
gpt.js
www.googletagservices.com/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e8cb49901b79a19a9ab8618c35baae0db989c65cc4c97d1d7b01da3054c343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32133
x-xss-protection
0
server
cafe
etag
713 / 19964 / m202408260101 / config-hash: 10696397873877224034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 07:48:08 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1026588409
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87602
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 07:48:08 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19785
x-xss-protection
0
server
cafe
etag
433489359376319800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 07:48:08 GMT
xmain.4cf1d8b6.js
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 		913 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:a200:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14f5788582344b0279738f738174d3de7c2291131e0ad16af44985bcdb46456e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 17:29:36 GMT
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
224313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
278058
last-modified
Mon, 26 Aug 2024 17:29:32 GMT
server
AmazonS3
etag
"ed60098ccf2967d5d61a0f3ff04a2239"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Rwl4fn5VNglZJpngc2mWou-wUUMMPh-2tzD-u0V2Nune8mEx_XmBYg==
gtm.js
www.googletagmanager.com/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81357
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 07:48:08 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Aug 2024 07:48:08 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A1E7300923004C0CBDFEE3B4511F09CB Ref B: YMQ01EDGE0814 Ref C: 2024-08-29T07:48:08Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/ 		479 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
698
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152842
x-xss-protection
0
server
cafe
etag
9007519824101205236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Aug 2025 07:36:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		227 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=higherincomejobs.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
x-xss-protection
0
expires
Thu, 29 Aug 2024 07:48:08 GMT
logger-1.min.js
cdn.lr-in.com/ 		126 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-in.com/logger-1.min.js
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-yyz4566-YYZ
last-modified
Wed, 28 Aug 2024 20:55:42 GMT
server
cloudflare
x-timer
S1724878550.113504,VS0,VE80
etag
W/"ef1a85ad7a406ad693319ab4ea1d6062bcd59cbab77933953abda29ac7b1270a-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W31OLpK3zJO1fg%2BVFqoJxkSmA3cCFeT%2BjWAYq4E2TRpd0ywC%2B04sBmJ%2FcL9hkktBsr8IGt49uYY1%2BZI6GgErkFsryD41C4DlCFNl7vzH%2FNJvEAjsTlHD72yzxEABKniL"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8baaefe1acf9aafe-YYZ
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		0
0
events
higherincomejobs.com/api/1/ 		453 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO5PaT82omybx8UGjD9H&frontend_layout_id=1886&path_ranking_id=404&tsid=2136cba8bd3342b881b804da508aad24&type=DOT&uid=
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.83.210.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-210-27.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-length
453
content-type
application/json; charset=UTF-8
Primary Request 404
higherincomejobs.com/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://higherincomejobs.com/404
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.83.210.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-210-27.compute-1.amazonaws.com
Software
/
Resource Hash
866887409359ec237a45ce7aeb736b82495a19b4f6431b1de888c2ca94ba666e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 29 Aug 2024 07:48:08 GMT
pragma
no-cache
27003823.js
bat.bing.com/p/action/ 		0
0
css2
fonts.googleapis.com/ 		34 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto+Slab:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Nunito+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
808859f62792c7c0882b959029db50b0addbf37986643059f419d0ed535d1689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 07:48:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Aug 2024 07:48:08 GMT
gpt.js
www.googletagservices.com/tag/js/ 		102 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e8cb49901b79a19a9ab8618c35baae0db989c65cc4c97d1d7b01da3054c343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32133
x-xss-protection
0
server
cafe
etag
713 / 19964 / m202408260101 / config-hash: 10696397873877224034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 07:48:08 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1026588409
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b23de9a884e49e5d516dd4a27568c123134dd7b4db1bbe318c5eb3e049b85381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87602
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 07:48:08 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		54 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9c3187cd50fdd5f1b582b5404be00291957e7e3548b9a7cad613eb7e6a15a926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19785
x-xss-protection
0
server
cafe
etag
433489359376319800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 07:48:08 GMT
xmain.4cf1d8b6.js
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 		913 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:a200:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14f5788582344b0279738f738174d3de7c2291131e0ad16af44985bcdb46456e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 17:29:36 GMT
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
224313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
278058
last-modified
Mon, 26 Aug 2024 17:29:32 GMT
server
AmazonS3
etag
"ed60098ccf2967d5d61a0f3ff04a2239"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Rwl4fn5VNglZJpngc2mWou-wUUMMPh-2tzD-u0V2Nune8mEx_XmBYg==
gtm.js
www.googletagmanager.com/ 		225 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3d1aeffa64bfb458bb80b6945ee4d25ad1c874d43a33297e909ef2216c18f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81357
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 07:48:08 GMT
bat.js
bat.bing.com/ 		49 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Aug 2024 07:48:08 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A1E7300923004C0CBDFEE3B4511F09CB Ref B: YMQ01EDGE0814 Ref C: 2024-08-29T07:48:08Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
logger-1.min.js
cdn.lr-in.com/ 		877 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-in.com/logger-1.min.js
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f19856dc2787761ada1428e290b1c3f6af4c4d093870f9a57c76876b4e6eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-yyz4566-YYZ
last-modified
Wed, 28 Aug 2024 20:55:42 GMT
server
cloudflare
x-timer
S1724878550.113504,VS0,VE80
etag
W/"ef1a85ad7a406ad693319ab4ea1d6062bcd59cbab77933953abda29ac7b1270a-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPUGECaGJTZkzbJDdhTKgQwHxHoyl9jqJFCTZGM%2BGr879KZuy9CYln4vD6wuoE139xPiekszA3HPzLs24olFXmh7bND7FxbSPPeB4kjqvavmpk1ub0vM9TR9wKJ5OGyT"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8baaefe30d74aafe-YYZ
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 07:48:08 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=74, mss=1232, tbw=66954, tp=63, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
X/30M0odXKpbBhev25kbvIaHXJPh3LQ1aGv9rnBcQBiEIoWQzjvRxx1NeFfL/sC2QIYLdria8E+vc2swzye6lQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
higherincomejobs.com/api/1/ 		453 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO5PaT82omybx8UGjD9H&frontend_layout_id=1886&path_ranking_id=404&tsid=9b5e6348db02413ea34306858216196c&type=DOT&uid=
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.83.210.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-210-27.compute-1.amazonaws.com
Software
/
Resource Hash
bf0cd09e85f6eaba1710b37aec47bddff7f8f66a64b3f7791fd5f04f71565ddb

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-length
453
content-type
application/json; charset=UTF-8
x404.c354936e.chunk.js
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 		219 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x404.c354936e.chunk.js
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:a200:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bbd3486a559c1f520a6831d66d77bc506c8f77fe76e384325cb562399980e9f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:25:26 GMT
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
6970963
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
207
last-modified
Fri, 07 Jun 2024 18:32:00 GMT
server
AmazonS3
etag
"d4acaae83254c62b2fdbccd53c49eb04"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-5xqc7VTTo9NvNLYcb7rg89d0AUnqmtkUE5q6lcRarYTKUmmwd7Teg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/ 		479 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
698
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152842
x-xss-protection
0
server
cafe
etag
9007519824101205236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Aug 2025 07:36:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		227 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=higherincomejobs.com
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
eda614ce65dee76b9d25bf95e78861f3476954c34669ec88d6fe9dbfe6d6a94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
x-xss-protection
0
expires
Thu, 29 Aug 2024 07:48:08 GMT
27003823.js
bat.bing.com/p/action/ 		334 B
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27003823.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 29 Aug 2024 07:48:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BAFCE5C25E4F45909306255EF6EF78B0 Ref B: YMQ01EDGE0814 Ref C: 2024-08-29T07:48:08Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc2b80920cce9fdd63127f737bc96839a1ea0dcf7659db60949a92defe8ca0ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100241
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 07:48:09 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Aug 2024 07:43:35 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 29 Aug 2024 09:43:35 GMT
35789e95-ad45-45a9-ba9d-80c3b7970636
https://higherincomejobs.com/ Frame 		0
0
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27003823&Ver=2&mid=78d51342-d406-4b2f-b3cf-813b41538be2&sid=08c4f11065db11efbef8736ba30dea05&vid=08c4ee8065db11ef8bbbfd2596134c7f&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Higher%20Income%20Jobs&p=https%3A%2F%2Fhigherincomejobs.com%2F404%3Fz%3DYnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw&r=&lt=397&evt=pageLoad&sv=1&cdb=AQAQ&rn=2301
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404?z=YnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Aug 2024 07:48:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAE5335230804DECB6B8DFC659994501 Ref B: YMQ01EDGE0814 Ref C: 2024-08-29T07:48:09Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto+Slab:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Nunito+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://higherincomejobs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:46:30 GMT
x-content-type-options
nosniff
age
558099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Aug 2025 20:46:30 GMT
639476436215740
connect.facebook.net/signals/config/ 		296 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/639476436215740?v=2.9.166&r=stable&domain=higherincomejobs.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
f4fc1174379c96c5351f20e27200809c173a8fff5e88fea25b2f0c5a742532ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 07:48:09 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=78, mss=1232, tbw=127450, tp=116, tpl=0, uplat=354, ullat=0
pragma
public
x-fb-debug
rWbzNHiAvbXBFmls60rXRHU/MviwIna+ZptXvgcWRWmFq7MT7X/jXSsc6VffmRMx/82GLqYCmnx12RulAA2nAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-91XJ5ELN91&gtm=45je48r0v9123573987z872637325za200zb72637325&_p=1724917688765&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=487859389.1724917689&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1724917689&sct=1&seg=0&dl=https%3A%2F%2Fhigherincomejobs.com%2F404%3Fz%3DYnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw&dt=Higher%20Income%20Jobs&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=799
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:48:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://higherincomejobs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91XJ5ELN91&cid=487859389.1724917689&gtm=45je48r0v9123573987z872637325za200zb72637325&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:48:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://higherincomejobs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 6623 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-91XJ5ELN91&gacid=487859389.1724917689&gtm=45je48r0v9123573987z872637325za200zb72637325&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=171679174
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 07:48:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91XJ5ELN91&cid=487859389.1724917689&gtm=45je48r0v9123573987z872637325za200zb72637325&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1949138177
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404?z=YnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:48:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=299520772&t=pageview&_s=1&dl=https%3A%2F%2Fhigherincomejobs.com%2F404%3Fz%3DYnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw&ul=en-ca&de=UTF-8&dt=Higher%20Income%20Jobs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=1414065710&gjid=201730510&cid=487859389.1724917689&tid=UA-68956649-5&_gid=363204095.1724917689&_slc=1&gtm=45He48r0n71P79FD5v72637325za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=2087096517
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6634e5f3d095b1756a466564b7b722ecc40f7287ca213d4e5ad9988b741f617c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:48:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://higherincomejobs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68956649-5&cid=487859389.1724917689&jid=1414065710&gjid=201730510&_gid=363204095.1724917689&_u=YCDAgAABAAAAAG~&z=607471097
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Aug 2024 07:48:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://higherincomejobs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		292 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f7b9ef9c447d6b956986b60ba17fc70818e33df72d8fb01bf118915d20e660ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102031
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 07:48:09 GMT
fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c
capi.higherincomejobs.com/events/ 		19 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c
Requested by
Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.4cf1d8b6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f13:d01:900:2841:d3f3:3f97:71f3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8ba5bbe155ecb6f2c7841363d52038e29cd7d9ba549ef83e5d7b700a3a51dfb9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://higherincomejobs.com
date
Thu, 29 Aug 2024 07:48:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-length
45
vary
origin
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fhigherincomejobs.com%2F404%3Fz%3DYnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw&rl=&if=false&ts=1724917689620&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1724917689617.794909325352739492&eid=ob3_plugin-set_58fb0bff73fdfce9799813f6de4eb81431039d773b4c964a1184e86fb24d3d8b&ler=empty&cdl=API_unavailable&it=1724917689159&coo=false&rqm=GET
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404?z=YnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2833, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Aug 2024 07:48:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fhigherincomejobs.com%2F404%3Fz%3DYnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw&rl=&if=false&ts=1724917689620&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1724917689617.794909325352739492&eid=ob3_plugin-set_58fb0bff73fdfce9799813f6de4eb81431039d773b4c964a1184e86fb24d3d8b&ler=empty&cdl=API_unavailable&it=1724917689159&coo=false&rqm=FGET
Requested by
Host: higherincomejobs.com
URL: https://higherincomejobs.com/404?z=YnA9eiZwYXRoX3JhbmtpbmdfaWQ9NDA0JnNlcT01Mjk5NSZ0aW1lPTE3MjQ5MTc2ODg4NTEmdHNpZD05YjVlNjM0OGRiMDI0MTNlYTM0MzA2ODU4MjE2MTk2Yw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 29 Aug 2024 07:48:09 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408465064407148221", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=17, mss=1297, tbw=3151, tp=-1, tpl=-1, uplat=46, ullat=0
pragma
no-cache
x-fb-debug
MH2GD96mvMsAApdG+l7DaZ3RA+p3eCO738aFs3Hon4VE9kRJmyRKaHFLNfReDpmmCkrZvMBQM8jpi7MV8w69zg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408465064407148221"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
hij.ico
d1mr0pnhlzkpc5.cloudfront.net/ 		18 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1mr0pnhlzkpc5.cloudfront.net/hij.ico?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:a200:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91105ad1c4a2d8f873227bb7f4215e05ef982b9fe1a02d62dc4f23ccf8c78cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 11:22:17 GMT
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
2406353
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3062
last-modified
Wed, 31 Jul 2024 21:08:34 GMT
server
AmazonS3
etag
"1e246721a12675029f3274305933fa82"
content-type
image/vnd.microsoft.icon
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PY7S99BZOAVT86uyYAo-8ULZB0agbkTZ4xgxrKQEFG1RuPOUfhxZVA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
bat.bing.com
URL
https://bat.bing.com/p/action/27003823.js
Domain
higherincomejobs.com
URL
blob:https://higherincomejobs.com/35789e95-ad45-45a9-ba9d-80c3b7970636

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| layout object| dataLayer object| googletag object| uetq function| gtag object| webpackChunkui_composite object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ object| __SENTRY__ object| context function| fbq function| _fbq object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| UET function| UET_init function| UET_push object| ueto_11f390f8cc function| GooglemKTybQhCsO function| google_trackConversion string| GoogleAnalyticsObject function| ga function| _LRLogger boolean| _lr_loaded object| google_reactive_ads_global_state object| gaGlobal object| gaplugins object| gaData

12 Cookies

Domain/Path Name / Value
.capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c Name: cee
Value: edWBGR73tsRSNv4%2Bf0SErgTXPxruXC8vJCAkylKMK%2F0%3D.%7B%7D
.higherincomejobs.com/ Name: hijses
Value: aEVkYlhkS2VlY0R1VHJjYmtyRmdybXBSdlNoRmJHRm4=
.higherincomejobs.com/ Name: _uetsid
Value: 08c4f11065db11efbef8736ba30dea05
.higherincomejobs.com/ Name: _uetvid
Value: 08c4ee8065db11ef8bbbfd2596134c7f
.bing.com/ Name: MUID
Value: 04297A73B0A96047230C6E99B19261E6
.bat.bing.com/ Name: MR
Value: 0
.higherincomejobs.com/ Name: _ga_91XJ5ELN91
Value: GS1.1.1724917689.1.0.1724917689.60.0.0
.higherincomejobs.com/ Name: _ga
Value: GA1.2.487859389.1724917689
.higherincomejobs.com/ Name: _gid
Value: GA1.2.363204095.1724917689
.higherincomejobs.com/ Name: _dc_gtm_UA-68956649-5
Value: 1
.higherincomejobs.com/ Name: _fbp
Value: fb.1.1724917689617.794909325352739492
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c
Message:
Failed to load resource: the server responded with a status of 422 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
capi.higherincomejobs.com
cdn.lr-in.com
connect.facebook.net
d1mr0pnhlzkpc5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
higherincomejobs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
supporthigherincomejobs.com
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
bat.bing.com
connect.facebook.net
higherincomejobs.com
104.21.234.144
142.250.65.226
142.250.81.232
142.251.35.163
142.251.40.98
162.245.236.109
2600:1f13:d01:900:2841:d3f3:3f97:71f3
2600:9000:211c:a200:1:dc01:1140:21
2607:f8b0:4004:c0b::9d
2607:f8b0:4006:806::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:824::200e
2620:1ec:33:1::10
2a03:2880:f112:182:face:b00c:0:25de
3.83.210.27
31.13.71.7
02e8cb49901b79a19a9ab8618c35baae0db989c65cc4c97d1d7b01da3054c343
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
14f5788582344b0279738f738174d3de7c2291131e0ad16af44985bcdb46456e
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
4b7fc720cbb95aa41f4a080c5ab158da47d9b0a1fd251262d992d6d717a10992
6634e5f3d095b1756a466564b7b722ecc40f7287ca213d4e5ad9988b741f617c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74f19856dc2787761ada1428e290b1c3f6af4c4d093870f9a57c76876b4e6eaa
808859f62792c7c0882b959029db50b0addbf37986643059f419d0ed535d1689
866887409359ec237a45ce7aeb736b82495a19b4f6431b1de888c2ca94ba666e
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8ba5bbe155ecb6f2c7841363d52038e29cd7d9ba549ef83e5d7b700a3a51dfb9
91105ad1c4a2d8f873227bb7f4215e05ef982b9fe1a02d62dc4f23ccf8c78cbd
9bbd3486a559c1f520a6831d66d77bc506c8f77fe76e384325cb562399980e9f
9c3187cd50fdd5f1b582b5404be00291957e7e3548b9a7cad613eb7e6a15a926
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b23de9a884e49e5d516dd4a27568c123134dd7b4db1bbe318c5eb3e049b85381
b3d1aeffa64bfb458bb80b6945ee4d25ad1c874d43a33297e909ef2216c18f56
bf0cd09e85f6eaba1710b37aec47bddff7f8f66a64b3f7791fd5f04f71565ddb
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
cc2b80920cce9fdd63127f737bc96839a1ea0dcf7659db60949a92defe8ca0ef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda614ce65dee76b9d25bf95e78861f3476954c34669ec88d6fe9dbfe6d6a94b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fc1174379c96c5351f20e27200809c173a8fff5e88fea25b2f0c5a742532ab
f7b9ef9c447d6b956986b60ba17fc70818e33df72d8fb01bf118915d20e660ca