content-moderation15.higherincomejobs.com Open in urlscan Pro
54.234.58.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure-tracking.clck2trck.com/SH4j
Effective URL:
https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJV...
Submission: On October 15 via manual (October 15th 2024, 4:34:38 pm UTC) from IN — Scanned from US

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 28 domains to perform 107 HTTP transactions. The main IP is 54.234.58.86, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is content-moderation15.higherincomejobs.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 24th 2024. Valid for: a year.

This is the only time content-moderation15.higherincomejobs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.209.98.139 44.209.98.139	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.41.218.136 52.41.218.136	16509 (AMAZON-02) (AMAZON-02)
2 2	44.219.73.243 44.219.73.243	14618 (AMAZON-AES) (AMAZON-AES)
1 13	54.234.58.86 54.234.58.86	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
32	2600:9000:211... 2600:9000:211c:ce00:1:dc01:1140:21	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	104.21.234.145 104.21.234.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.124.11 18.164.124.11	16509 (AMAZON-02) (AMAZON-02)
1 3	108.138.106.60 108.138.106.60	16509 (AMAZON-02) (AMAZON-02)
1	13.226.34.70 13.226.34.70	16509 (AMAZON-02) (AMAZON-02)
2	3.84.63.60 3.84.63.60	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
7	98.83.69.223 98.83.69.223	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:24f... 2600:9000:24f1:800:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.132.75 18.173.132.75	16509 (AMAZON-02) (AMAZON-02)
2 2	98.83.183.61 98.83.183.61	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:e84c:d74f:90af:3244	14618 (AMAZON-AES) (AMAZON-AES)
1	142.251.41.8 142.251.41.8	15169 (GOOGLE) (GOOGLE)
1	3.83.198.13 3.83.198.13	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.47.63 108.139.47.63	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f13:d01... 2600:1f13:d01:902:207d:8d0c:8bbb:cbcd	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f10... 2a03:2880:f10e:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.168.96.193 3.168.96.193	16509 (AMAZON-02) (AMAZON-02)
1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	52.207.9.238 52.207.9.238	14618 (AMAZON-AES) (AMAZON-AES)
1	18.208.35.132 18.208.35.132	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.124.56 18.164.124.56	16509 (AMAZON-02) (AMAZON-02)
2	44.207.172.140 44.207.172.140	14618 (AMAZON-AES) (AMAZON-AES)
1	3.218.77.133 3.218.77.133	14618 (AMAZON-AES) (AMAZON-AES)
3	34.207.37.41 34.207.37.41	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
107	39

1 44.209.98.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-98-139.compute-1.amazonaws.com

secure-tracking.clck2trck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.218.136 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-218-136.us-west-2.compute.amazonaws.com

global.clicktrackurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.219.73.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-73-243.compute-1.amazonaws.com

rdr.apptrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.apptrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.234.58.86 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-58-86.compute-1.amazonaws.com

www.higherincomejobs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-moderation15.higherincomejobs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2600:9000:211c:ce00:1:dc01:1140:21 (United States)

ASN16509 (AMAZON-02, US)

d1mr0pnhlzkpc5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-11.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.106.60 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-60.jfk50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-70.ewr53.r.cloudfront.net

plugin-cdn.alphaintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.84.63.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-63-60.compute-1.amazonaws.com

api.tnapplications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 98.83.69.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-83-69-223.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-75.jfk52.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.83.183.61 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-83-183-61.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:e84c:d74f:90af:3244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.83.198.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-198-13.compute-1.amazonaws.com

telemetry.partners.prod.minionplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-63.jfk50.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:d01:902:207d:8d0c:8bbb:cbcd (Boardman, United States)

ASN16509 (AMAZON-02, US)

capi.higherincomejobs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.96.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-96-193.jfk52.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)

20838041p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.9.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-9-238.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.35.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-35-132.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-56.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.207.172.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-172-140.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.77.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-77-133.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.207.37.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-37-41.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	cloudfront.net d1mr0pnhlzkpc5.cloudfront.net d2m2wsoho8qq12.cloudfront.net Failed	857 KB
14	higherincomejobs.com 1 redirects www.higherincomejobs.com — Cisco Umbrella Rank: 366079 content-moderation15.higherincomejobs.com capi.higherincomejobs.com — Cisco Umbrella Rank: 402991	151 KB
9	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 9642 cdn.pushnami.com — Cisco Umbrella Rank: 16416 psp.pushnami.com — Cisco Umbrella Rank: 22665 fpc.pushnami.com — Cisco Umbrella Rank: 239653 trc.pushnami.com — Cisco Umbrella Rank: 10338	80 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 14045	4 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	150 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
4	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 4633 people.api.boomtrain.com — Cisco Umbrella Rank: 4990 events.api.boomtrain.com — Cisco Umbrella Rank: 7044	31 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	375 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 554 i6.liadm.com — Cisco Umbrella Rank: 3445	2 KB
3	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1167	9 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	gstatic.com fonts.gstatic.com	36 KB
2	tnapplications.com api.tnapplications.com — Cisco Umbrella Rank: 53926	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	150 KB
2	apptrck.com 2 redirects rdr.apptrck.com — Cisco Umbrella Rank: 272440 x.apptrck.com — Cisco Umbrella Rank: 277174	1 KB
1	rfihub.com 20838041p.rfihub.com — Cisco Umbrella Rank: 305719
1	minionplatform.com telemetry.partners.prod.minionplatform.com — Cisco Umbrella Rank: 114820	107 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 4780	6 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	alphaintent.com plugin-cdn.alphaintent.com — Cisco Umbrella Rank: 287800	1 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22294	38 KB
1	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 28021	175 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 307	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	clicktrackurl.com 1 redirects global.clicktrackurl.com — Cisco Umbrella Rank: 281561	339 B
1	clck2trck.com 1 redirects secure-tracking.clck2trck.com	2 KB
107	28

	Domain	Requested by
32	d1mr0pnhlzkpc5.cloudfront.net	content-moderation15.higherincomejobs.com d1mr0pnhlzkpc5.cloudfront.net
12	content-moderation15.higherincomejobs.com	d1mr0pnhlzkpc5.cloudfront.net
7	create.leadid.com	d1mr0pnhlzkpc5.cloudfront.net
4	www.facebook.com	content-moderation15.higherincomejobs.com
4	www.google-analytics.com	www.googletagmanager.com d1mr0pnhlzkpc5.cloudfront.net content-moderation15.higherincomejobs.com
4	www.googletagmanager.com	content-moderation15.higherincomejobs.com www.googletagmanager.com www.google-analytics.com
3	trc.pushnami.com	d1mr0pnhlzkpc5.cloudfront.net
3	live.rezync.com	1 redirects d1mr0pnhlzkpc5.cloudfront.net content-moderation15.higherincomejobs.com
3	bat.bing.com	content-moderation15.higherincomejobs.com bat.bing.com
2	psp.pushnami.com	d1mr0pnhlzkpc5.cloudfront.net
2	people.api.boomtrain.com	d1mr0pnhlzkpc5.cloudfront.net
2	i.liadm.com	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com d1mr0pnhlzkpc5.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	api.tnapplications.com	d1mr0pnhlzkpc5.cloudfront.net
2	api.pushnami.com	d1mr0pnhlzkpc5.cloudfront.net api.pushnami.com
2	connect.facebook.net	d1mr0pnhlzkpc5.cloudfront.net connect.facebook.net
2	securepubads.g.doubleclick.net	www.googletagservices.com
1	fpc.pushnami.com	d1mr0pnhlzkpc5.cloudfront.net
1	events.api.boomtrain.com	d1mr0pnhlzkpc5.cloudfront.net
1	20838041p.rfihub.com	c1.rfihub.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	capi.higherincomejobs.com	d1mr0pnhlzkpc5.cloudfront.net
1	cdn.pushnami.com	api.pushnami.com
1	telemetry.partners.prod.minionplatform.com	api.tnapplications.com
1	i6.liadm.com	content-moderation15.higherincomejobs.com
1	cdn.boomtrain.com	content-moderation15.higherincomejobs.com
1	c1.rfihub.net	content-moderation15.higherincomejobs.com
1	td.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	d1mr0pnhlzkpc5.cloudfront.net
1	plugin-cdn.alphaintent.com	d1mr0pnhlzkpc5.cloudfront.net
1	create.lidstatic.com	d1mr0pnhlzkpc5.cloudfront.net
1	cdn.lr-in.com	d1mr0pnhlzkpc5.cloudfront.net
1	www.googleadservices.com	content-moderation15.higherincomejobs.com
1	www.googletagservices.com	content-moderation15.higherincomejobs.com
1	fonts.googleapis.com	content-moderation15.higherincomejobs.com
1	www.higherincomejobs.com	1 redirects
1	x.apptrck.com	1 redirects
1	rdr.apptrck.com	1 redirects
1	global.clicktrackurl.com	1 redirects
1	secure-tracking.clck2trck.com	1 redirects
107	41

This site contains no links.

Subject Issuer	Validity	Valid
higherincomejobs.com Amazon RSA 2048 M02	`2024-05-24` - `2025-06-22`	a year	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.googleadservices.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
lr-in.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-24` - `2024-10-22`	3 months	crt.sh
lidstatic.com E6	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
*.rezync.com Amazon RSA 2048 M03	`2024-09-23` - `2025-10-20`	a year	crt.sh
*.alphaintent.com Amazon RSA 2048 M02	`2024-07-21` - `2025-08-19`	a year	crt.sh
api.tnapplications.com R10	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2024-09-30` - `2025-10-29`	a year	crt.sh
*.boomtrain.com Amazon RSA 2048 M02	`2024-01-10` - `2025-02-07`	a year	crt.sh
telemetry.partners.prod.minionplatform.com R11	`2024-10-13` - `2025-01-11`	3 months	crt.sh
capi.higherincomejobs.com R11	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh
*.api.boomtrain.com Amazon RSA 2048 M02	`2024-08-16` - `2025-09-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
Frame ID: 35E783B045BE88FD7D5EFD032041539C
Requests: 99 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-91XJ5ELN91&gacid=673236929.1729010070&gtm=45je4a90v9123573987z872637325za200zb72637325&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=733006569
Frame ID: 9087BBE8EB9E396A527B4968FB8665AD
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=040F245C-41AD-F23C-E44F-B4681486C4AB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=0D8C5854-10CA-BA75-C372-81F59192CAEC&lac=EA6AAB64-8359-877C-0967-8318B8082814
Frame ID: D7584332B9B7932EDD786BC8DBC75DA4
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=0D8C5854-10CA-BA75-C372-81F59192CAEC&lac=EA6AAB64-8359-877C-0967-8318B8082814
Frame ID: C764AC783D0777C3969EA5E8D8846C89
Requests: 1 HTTP requests in this frame

Frame: https://20838041p.rfihub.com/ca.html?ver=9&rb=45712&ca=20838041&_o=45712&_t=20838041&source=higherincomejobs&keywords=Content%20Moderation&location=90012&organization=&login=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9&userid=52ccddb6-cd3c-4227-a1b0-ff01abaae986%3A1729010069.726768&pe=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ&pf=&ra=5303507776005112
Frame ID: AD88BC8FE94D3B6F53395A73F4FCB471
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 2521C547C5E3D152E9494143B13E4DDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Higher Income Jobs

Page URL History Show full URLs

http://secure-tracking.clck2trck.com/SH4j HTTP 307
https://secure-tracking.clck2trck.com/SH4j HTTP 302
https://global.clicktrackurl.com/?c=2644&cid=2644&source=content%20moderation&s1=227805&s3=102be141051f766b6b... HTTP 302
https://rdr.apptrck.com/ep?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s... HTTP 302
https://x.apptrck.com/ep2?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&... HTTP 302
https://www.higherincomejobs.com/continue?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2... HTTP 301
https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=c... Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

107
Requests

97 %
HTTPS

33 %
IPv6

28
Domains

41
Subdomains

39
IPs

3
Countries

2175 kB
Transfer

5814 kB
Size

49
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-tracking.clck2trck.com/SH4j HTTP 307
https://secure-tracking.clck2trck.com/SH4j HTTP 302
https://global.clicktrackurl.com/?c=2644&cid=2644&source=content%20moderation&s1=227805&s3=102be141051f766b6b8c767fa66ab1&s2=982 HTTP 302
https://rdr.apptrck.com/ep?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5= HTTP 302
https://x.apptrck.com/ep2?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s= HTTP 302
https://www.higherincomejobs.com/continue?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s=&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s= HTTP 301
https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1729010069832 HTTP 302
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986%3A1729010069.726768&_=1729010069.9323962 HTTP 303
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962&_li_chk=true&previous_uuid=1b246e63c3c745c8b38888c197581acf HTTP 303
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request continue Show response
content-moderation15.higherincomejobs.com/
Redirect Chain

http://secure-tracking.clck2trck.com/SH4j
https://secure-tracking.clck2trck.com/SH4j
https://global.clicktrackurl.com/?c=2644&cid=2644&source=content%20moderation&s1=227805&s3=102be141051f766b6b8c767fa66ab1&s2=982
https://rdr.apptrck.com/ep?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=
https://x.apptrck.com/ep2?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s=
https://www.higherincomejobs.com/continue?cid=2644&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0Fj...
https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&requ...

73 KB
74 KB

221ms
205ms

Document
text/html

54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: afb434269dc377b3737e4af82f3f61170895eb1b7944d50bcfa10bf1423f2256

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 16:34:27 GMT
pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 389
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 16:34:27 GMT
location: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
pragma: no-cache

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
2 KB 451ms
166ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto+Slab:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Nunito+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808859f62792c7c0882b959029db50b0addbf37986643059f419d0ed535d1689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 16:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:28 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 16:34:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 104 KB
33 KB 526ms
233ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

065e1b300b9413c7263fa38d6610f105e93cde3eee1324fb4f6388e7b5522a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 955 / 20011 / m202410100101 / config-hash: 14137312326677500497
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 16:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 16:34:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32924
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
89 KB 454ms
171ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1026588409

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21acad604e3bfeb9b69eb8a12247f489ea71ed7d0abf5a1f92d81b857ebdffef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 16:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 15 Oct 2024 16:11:09 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90200
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 386ms
229ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

a45a89a6c73aed50bd56b6d31374f39778c1006d883c0de36a79e2111659a050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 11723272464307787475
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 16:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 16:34:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20722
x-xss-protection: 0
server: cafe

GET
H2 200 xmain.828b609e.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 915 KB
273 KB 464ms
151ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Requested by: Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a560a6c09b84eaf06c0d214cceeaf19d914c31e76b6cea75e3b0de8ee1f9f7cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "2329d20cd6f6dbb121904799281f4bd5"
age: 90674
x-cache: Hit from cloudfront
x-amz-cf-id: SMORKVjq4AtjoBKKUQ5K09tz4fTczz16B-4MPWdv2EZIYmpe3ViKzg==
date: Mon, 14 Oct 2024 15:23:15 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 15:23:11 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 278549
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 233 KB
83 KB 646ms
363ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad8f4a00316a8558f67aa16a212a79a8ac8a58a6965cab24de30a61983069c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 15 Oct 2024 16:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 15 Oct 2024 16:11:09 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84210
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 333ms
104ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "01973e1111cdb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 363C66C0A3E14C95B56CB8B7EE8BF236 Ref B: LAX311000108007 Ref C: 2024-10-15T16:34:28Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14538
date: Tue, 15 Oct 2024 16:34:27 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 19:15:06 GMT
vary: Accept-Encoding

GET
H2 200 27003823.js Show response
bat.bing.com/p/action/ 371 B
418 B 104ms
103ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27003823.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2006A868DE04494EBB85211948365D85 Ref B: LAX311000108007 Ref C: 2024-10-15T16:34:28Z
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 16:34:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/ 481 KB
149 KB 416ms
139ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 3420270987438694644
age: 1127
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 16:15:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 15 Oct 2024 16:15:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152663
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 252 B
147 B 496ms
221ms XHR
application/json 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=content-moderation15.higherincomejobs.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

1104d251ebe92b59be960e20190e6a62cdf7ee9f4297750867d2f7009dec1efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 16:34:29 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 122
date: Tue, 15 Oct 2024 16:34:29 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 logger-1.min.js Show response
cdn.lr-in.com/ 854 KB
175 KB 199ms
89ms Script
text/javascript 104.21.234.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bfcdf3cfdc7b8e9094130b000e23336b8b6a37a445809ebf9ad70e9bc1012a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1187f56a9b8cc55fdbbc35c5221b2b95a45bba9cd1211369559c0b8c2f6ce3e6-br"
age: 171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oum1NJOT2lqHHB398Ep8iYOH1C1%2FlTpu%2FgS8L1bRGSQbs1ynSRvpkOtLajZ3bHjYC9w3VNz3DgrobFcepsqxB3tAq4j7POs%2FAlJd6Fdybt8d4tTHojpdmYc2GhNEE2uk"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: MISS
server-timing: cfExtPri
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 15 Oct 2024 15:14:52 GMT
x-served-by: cache-sjc1000085-SJC
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729005389.079092,VS0,VE92
cross-origin-resource-policy: cross-origin
cf-ray: 8d313784bf8eab83-SJC-PIG
access-control-allow-origin: *
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 275ms
132ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

91aff3588efba0074124bbd204b45de0da882a853f29a1d73f7ec132291c5651

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=129, rtx=0, c=24, mss=1232, tbw=8180, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: rvHQQXP3/7E23zR5ufSzWZkoqy8A/XSUx+i6UOmDVgjYcspOP6yA524CydAUFj3NgedBuONLHLbtiF/c8vFYxQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 492 B
574 B 142ms
141ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=DOT&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: cc12aa32760c7faeb0e9a4fdde62861c7f308be0f53370e917a2695da17d82ee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/json; charset=UTF-8
content-length: 492

GET
H2 200 x4007.8c6a657f.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 62 KB
19 KB 139ms
138ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x4007.8c6a657f.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0de5cfa787277d47b0b9cc3db70ead2c4ed29b05b4cf9b7b397c4193b2aff122

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "fd9513936d5572097f4d1d2fd75174fa"
age: 1575035
x-cache: Hit from cloudfront
x-amz-cf-id: V3yQGeaGJg2InrLJNitdJojLPL0V-jrSts2vbtIR4g4icFJfHIHAjQ==
date: Fri, 27 Sep 2024 11:03:55 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 18:55:53 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 18850
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x2613.4ee4e908.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 4 KB
2 KB 140ms
139ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x2613.4ee4e908.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abe175831281f4de4d3d86c8be4dbfcc72d847243cbf626722e144081908e40b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "ba652354a0c00d032b77492be08cec25"
age: 1269962
x-cache: Hit from cloudfront
x-amz-cf-id: WGXLHvMqQdnTtvvUWRamYhy6y3LuS0ONfuWdKwCJ_1l9rAsowbx4kw==
date: Mon, 30 Sep 2024 23:48:28 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 21:25:22 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1777
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x1905.202445b7.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 21 KB
8 KB 142ms
142ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x1905.202445b7.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79d3210a6b0f9c35d57ca7c21f9211f6da6cc9445dbe7e469ac6810606ae30d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "0ce6552ae791586f1397a97d740c85b9"
age: 1842730
x-cache: Hit from cloudfront
x-amz-cf-id: 9pAZIekqyOrbSeQsOG-kbN5niF--3r-Qwtmo-H4STkA62PzXF338lQ==
date: Tue, 24 Sep 2024 08:42:20 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 04:11:33 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7408
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x9603.38fd060c.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 19 KB
8 KB 145ms
145ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x9603.38fd060c.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c35e956d1ae6c3bc7eec4618b3141f6502328d6f070190a5eba6d24d7ec689ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "3467e86f1a3ef6210041acaf67386165"
age: 1575035
x-cache: Hit from cloudfront
x-amz-cf-id: 4sfNi-X4Bkow3kO4cfPPHrUvae4SedYLwEzX2SefntvQlH9I6RI1-w==
date: Fri, 27 Sep 2024 11:03:55 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 18:55:54 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7508
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x1474.229a26d7.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 26 KB
9 KB 146ms
146ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x1474.229a26d7.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1494faf50051c89248f10bf85c9128d8ea3366ef18ceb4a50fbf8803628709e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "0acd2474b312d8962dc04247d22e709d"
age: 436844
x-cache: Hit from cloudfront
x-amz-cf-id: X-8cTlLdvtX0cF3b20Lq9jkPoLZUxI8mVwKLyV0JVUruAJkt3OJwMA==
date: Thu, 10 Oct 2024 15:13:46 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 15:13:41 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8326
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 xojp.afbc5a0f.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 80 KB
24 KB 149ms
149ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xojp.afbc5a0f.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 630e1f9afa37c28c38cd07af567ee062c109e0c20b1f494af8624771636e36de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "292bf91c04befe8695873af2c113acbb"
age: 503990
x-cache: Hit from cloudfront
x-amz-cf-id: UzaSn6shQdGTNDX6KZbU3foe1l4KCvQXwPVs8BSor0YzaTlMLc1N2Q==
date: Wed, 09 Oct 2024 20:34:40 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 20:34:36 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 23750
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 0
bat.bing.com/action/ 0
360 B 104ms
103ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27003823&Ver=2&mid=f9e3b8bf-6994-4021-ba9c-b15e785eb240&bo=1&sid=5960e6808b1311efa010456b55ba5fc6&vid=59613f608b1311efb8286f1e0463f4d2&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Higher%20Income%20Jobs&p=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx&r=&lt=3510&evt=pageLoad&sv=1&cdb=AQAQ&rn=884200

Requested by

Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?z=YnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D80C2BEAC665432E80F4B2C8A09E3EDC Ref B: LAX311000108007 Ref C: 2024-10-15T16:34:29Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 16:34:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
101 KB 178ms
177ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

174fb1c44b65908f398c40f693a6bc6f7aa09ffe194d1b346dab5a4a63fd0519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 16:34:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103133
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 443ms
137ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P79FD5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 1705
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 545 B
627 B 143ms
142ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: fb13b7f187c5278d7eedb6c6276658bfab1cb842cd4b1413d449613589babf30

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/json; charset=UTF-8
content-length: 545

GET
H2 200 0d8c5854-10ca-ba75-c372-81f59192caec.js Show response
create.lidstatic.com/campaign/ 118 KB
38 KB 283ms
84ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/0d8c5854-10ca-ba75-c372-81f59192caec.js?snippet_version=2
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xojp.afbc5a0f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84ff59b63bcd83e7351e86483576ac9024194433c63be01dc7e1f4b62ce0003

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3a7d44b4e0784fcd8053e90a15389208"
x-amz-version-id: S9bvgdlL2wV4TDWwAO0Gw6VxiTyAXNVE
age: 1428
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 22:14:28 GMT
vary: Accept-Encoding
x-amz-id-2: DCDf1Kk+NWHV4+YjTOg12rwwsXL8orTj/sdRSL8S/U4gSjr0i2MYQ8+WBBk/nMHt1SNG+ijFq1FR9Hj1aIR8VQ==
x-amz-replication-status: COMPLETED
cache-control: max-age=1800
x-amz-request-id: VVS0XQDV3GGWB87Y
cf-ray: 8d313786bdd47c47-LAX
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 588fa6a3531cdb655ae73531 Show response
api.pushnami.com/scripts/v1/push/ 268 KB
65 KB 462ms
155ms Script
application/javascript 18.164.124.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/588fa6a3531cdb655ae73531
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x1474.229a26d7.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-11.jfk50.r.cloudfront.net
Software: /
Resource Hash: 424590b75dbcb2db545171be28d569b249db105a6a460a76cb6197c4593164c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-encoding: gzip
age: 208
via: 1.1 d07915e7a5c22513f7a2f462a7421cce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 70LanVDzwj9kYxrfjSbVxAfxB0eAuFkuBttIoU7Rd_XLLuPGZSuotA==
date: Tue, 15 Oct 2024 16:31:01 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: JFK50-P7

GET
H2 200 sync Show response
live.rezync.com/ 4 KB
5 KB 506ms
201ms Script
text/javascript 108.138.106.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&k=apptness-pixel-5518&p=ee3320b0fbabe90975c7d1023a605ea6&zmpID=higherincomejobs&custom1=higherincomejobs&custom2=Content%20Moderation&custom3=90012&custom4=&custom5=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9&cache_buster=1729010069323
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x1474.229a26d7.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-60.jfk50.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: 1411b5a02ed9abef22ee35a6aa823ab06bcc162564436ed10bc14fc4bc08fefa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 4119
x-amz-cf-id: _sgFTCRrcMA71KomXcKwJq6asuHhjs1vUaX6qlPB6VrAAaAiAiIDTw==
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/javascript
vary: Cookie
server: lighttpd/1.4.69
x-amz-cf-pop: JFK50-P3

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 532 B
614 B 154ms
130ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=DOT&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: 08e44977542550325027cdc871a4be84fc3fefa9c88e8bdbea3da67c206ed821

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/json; charset=UTF-8
content-length: 532

GET
H2 200 external-plugin-handler.js Show response
plugin-cdn.alphaintent.com/ 2 KB
1 KB 439ms
135ms Script
text/javascript 13.226.34.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin-cdn.alphaintent.com/external-plugin-handler.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xojp.afbc5a0f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-70.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddc26e444dda9c7c21789755cb7bf00990d3f1299fbec94ce999e29be6a6ed2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop: EWR53-C2
content-encoding: br
etag: W/"865f868db5d247323f1474ae768c7e14"
age: 22553
via: 1.1 c5b9a0c64a4bfd127a52280a230003d2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: sAlUSuEUV5XbP-AXl7eMSAdJt3QXmC7ovPG3-ty9nSCCEKlyTkMlMg==
date: Tue, 15 Oct 2024 10:18:37 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 15 Oct 2024 10:13:45 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 flow-container.css
api.tnapplications.com/assets/6f06b77a-78a0-4399-9a7b-b18909b4b907/ 1 KB
1 KB 562ms
258ms Stylesheet
text/css 3.84.63.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tnapplications.com/assets/6f06b77a-78a0-4399-9a7b-b18909b4b907/flow-container.css

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xojp.afbc5a0f.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.84.63.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-84-63-60.compute-1.amazonaws.com

Software

Resource Hash

f2076a4682a514378b685990322026d78220fe75e367f4d35083ee8880d0ff7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store
content-length: 1064
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/css;charset=UTF-8
content-disposition: attachment; filename=flow-container.css; filename*=UTF-8''flow-container.css

GET
H2 200 flow-container.js Show response
api.tnapplications.com/assets/6f06b77a-78a0-4399-9a7b-b18909b4b907/ 13 KB
13 KB 433ms
130ms Script
text/javascript 3.84.63.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tnapplications.com/assets/6f06b77a-78a0-4399-9a7b-b18909b4b907/flow-container.js

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xojp.afbc5a0f.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.84.63.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-84-63-60.compute-1.amazonaws.com

Software

Resource Hash

aed3bb1b0d043b3b17e8cb226b76e02f8d59dc97ad603febc3f63558fc7de54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://content-moderation15.higherincomejobs.com/continue?z=YnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store
content-length: 13475
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename=flow-container.js; filename*=UTF-8''flow-container.js

GET
H2 200 xop.c085b2f3.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 589 B
835 B 138ms
135ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xop.c085b2f3.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d014c5bd52944d057aa7ed671f845e8b51b31c7dd995ee894cd743392cbc0ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "a71ca1740bd2f23b2c2f85b1e1712f01"
age: 1269961
x-cache: Hit from cloudfront
x-amz-cf-id: TcKHXHZr--xygM_4O57ozCOqa0xp9tIqXafL609buS-gUIdLVbcHHQ==
date: Mon, 30 Sep 2024 23:48:29 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 21:25:24 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 408
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 hij-header-light.ec1d64fc.png
d1mr0pnhlzkpc5.cloudfront.net/static/media/ 3 KB
4 KB 137ms
133ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/media/hij-header-light.ec1d64fc.png
Requested by: Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?z=YnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96f6cb68d1e3c236ca11ef3d0432df6d836a7d9be3c96d41c6d920f65d485791

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "9699f08c152ef74c8cd10476b9137a03"
age: 1574956
x-cache: Hit from cloudfront
x-amz-cf-id: vZz3_ux9NyH9YLgn40xOwZ0luFw742jL_NfnYNJQR3hzDYEcumCIqA==
date: Fri, 27 Sep 2024 11:05:14 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 18:55:56 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3183
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sync
live.rezync.com/ 3 KB
3 KB 687ms
204ms Image
text/javascript 108.138.106.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&k=apptness-pixel-5518&p=ee3320b0fbabe90975c7d1023a605ea6&zmpID=higherincomejobs&custom1=higherincomejobs&custom2=Content%20Moderation&custom3=90012&custom4=&custom5=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9&cache_buster=1729010069323
Requested by: Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?z=YnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-60.jfk50.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://content-moderation15.higherincomejobs.com/

Response headers

via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 3422
x-amz-cf-id: ajbvtqhElHuC_TRGA6qaFVPN07Bi3WrCuGRgFAvOrELLFChEiYsWew==
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/javascript
vary: Cookie
server: lighttpd/1.4.69
x-amz-cf-pop: JFK50-P3

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 317ms
146ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto+Slab:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Nunito+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://content-moderation15.higherincomejobs.com
Referer: https://fonts.googleapis.com/

Response headers

age: 598001
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 18:27:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 18:27:48 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 308ms
137ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://content-moderation15.higherincomejobs.com
Referer: https://fonts.googleapis.com/

Response headers

age: 560031
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 05:00:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 05:00:38 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 x4085.591dac64.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 9 KB
4 KB 142ms
141ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x4085.591dac64.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8993e27d5892ca18b31db8da478ac4a223407e7debffcbeffd2db50d8c1b3e25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "a9a77ede1f40dab4e9b1ee268ebf85f9"
age: 1285661
x-cache: Hit from cloudfront
x-amz-cf-id: yN6tR1adP2nvzeUiykGCfo3SUaqgfVlJUbltfPIEHj2rtKY-8Ldi7g==
date: Mon, 30 Sep 2024 19:26:49 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 17:43:49 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3662
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x1287.5b508199.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 8 KB
3 KB 142ms
141ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x1287.5b508199.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 492ce983716b504d4e93b5d21ab56b8d1f331978999ebe38b54dd27be0105944

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "638d4d0a66ec017dccf492a1af17b905"
age: 1840312
x-cache: Hit from cloudfront
x-amz-cf-id: FBXy58BfloVA4u5_1lO843l_cyUMG1LIKio3kaCRM6g_JLDX5g0DOw==
date: Tue, 24 Sep 2024 09:22:38 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 04:11:32 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2903
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x7813.5ca54604.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 14 KB
5 KB 142ms
141ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x7813.5ca54604.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2cba06da7fe7ee47591d46d8bfd2dfda415e9cea09aa33a901f027d381430a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "52608d8156396ecc6259a485248e501d"
age: 436844
x-cache: Hit from cloudfront
x-amz-cf-id: lNXDOPb-qSqxTlDUuo0jLvcq6fzpLNV_xdkPN1gXxVZWN_JbKogC9A==
date: Thu, 10 Oct 2024 15:13:46 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 15:13:41 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5162
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x4290.eebb28e2.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 32 KB
9 KB 143ms
142ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x4290.eebb28e2.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25d58741c9756f82bc774208b736656b97fcb0d6e7ee3b6ca08428bbca8db99c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "1bf0d45cfe4a788b59f32e9a016de482"
age: 345647
x-cache: Hit from cloudfront
x-amz-cf-id: D3R1aZWsT19K0uuICgV5AcUVudoo_WrkJa0oOvoahhUZAMHJ4o0pNA==
date: Fri, 11 Oct 2024 16:33:43 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 16:33:33 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8725
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 xcop.90966c7d.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 20 KB
7 KB 145ms
145ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xcop.90966c7d.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6863b10a903ae2b61a2be4ca8c3858e5b790baae8242b20c12a72b1efcdeaa1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "a7ccbedca747b845503d5fe1799482fc"
age: 346196
x-cache: Hit from cloudfront
x-amz-cf-id: Px8e0XLqMjspAitMj_WOlBvNroN8XCwXl-_SHM7cDXCJh3cSOmWbDA==
date: Fri, 11 Oct 2024 16:24:34 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 16:20:20 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6422
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
analytics.google.com/g/ 0
0 439ms
154ms Fetch
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-91XJ5ELN91&gtm=45je4a90v9123573987z872637325za200zb72637325&_p=1729010068328&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=673236929.1729010070&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729010069&sct=1&seg=0&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx&dt=Higher%20Income%20Jobs&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3859
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://content-moderation15.higherincomejobs.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 413ms
143ms Ping
text/plain 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91XJ5ELN91&cid=673236929.1729010070&gtm=45je4a90v9123573987z872637325za200zb72637325&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://content-moderation15.higherincomejobs.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 9087 0
0 451ms
173ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-91XJ5ELN91&gacid=673236929.1729010070&gtm=45je4a90v9123573987z872637325za200zb72637325&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=733006569

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 16:34:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 639476436215740 Show response
connect.facebook.net/signals/config/ 298 KB
92 KB 352ms
352ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/639476436215740?v=2.9.171&r=stable&domain=content-moderation15.higherincomejobs.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

2acb0a904076126d6fba794c196909aa4576bc2640f0556c330aec13271c37de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=130, rtx=0, c=77, mss=1232, tbw=71400, tp=70, tpl=0, uplat=221, ullat=0
pragma: public
x-fb-debug: voOnAN6bT+ghi70CK0UgqZR5ARwA9cgkUG4YcNmUKzrJ9WNjn6xsIwdqcls356ImKn00SSpIPrvjxstPjqwOug==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 71 KB
71 KB 307ms
305ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=CUSTOMER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: ed8371749d588fd1d79b2fb2bc47f747fefff7b31d473d198973e5bdbbbef357

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/json; charset=UTF-8

GET 432b7706-1545-4883-a2b9-ea0d9fb2f297
https://content-moderation15.higherincomejobs.com/ Frame 0
0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.1/ 36 B
660 B 454ms
185ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=da43e82d-b649-4d77-9306-3f73c2ce2b65&_=504179645

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2e4f4b5e28eb5c480453a9d0da56e8e362ad131d03c1d9f6df75a42f922248e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
451 B 153ms
152ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1905032378&t=pageview&_s=1&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmcGF0aF9yYW5raW5nX2lkPTQyMDgmcXRoZW1lPUNvbnRlbnQlMjBNb2RlcmF0aW9uJnJlcXVlc3RfaWQ9NjcwZTk5OTI2NjJmNCZzMT0yMjc4MDUmczI9OTgyJnMzPTEwMmJlMTQxMDUxZjc2NmI2YjhjNzY3ZmE2NmFiMSZzND0mczU9JnRpbWU9MTcyOTAxMDA2OTEzNiZ0c2lkPTk2MzQ3OGQxZmEwYzQzYjdiNDZlMzgzNjcyZTg0MjUx&ul=en-us&de=UTF-8&dt=Higher%20Income%20Jobs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=465870504&gjid=507219394&cid=673236929.1729010070&tid=UA-68956649-5&_gid=286830791.1729010070&_slc=1&gtm=45He4a90n71P79FD5v72637325za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&z=1537947482

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6634e5f3d095b1756a466564b7b722ecc40f7287ca213d4e5ad9988b741f617c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://content-moderation15.higherincomejobs.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
663 B 210ms
142ms XHR
text/plain 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68956649-5&cid=673236929.1729010070&jid=465870504&gjid=507219394&_gid=286830791.1729010070&_u=YCDAgAABAAAAAG~&z=1249818014

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://content-moderation15.higherincomejobs.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 442ms
136ms Script
application/x-javascript 2600:9000:24f1:800:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-id: bgxMuFlaGIePDdFXftZ8C3Kprw0MF4C-mQC-cz3xSKTr8sNFcuMQ1g==
cache-control: public, max-age=3600
content-encoding: gzip
age: 3103
via: 1.1 aca1d51e5686fc1a0d5fa390744b2014.cloudfront.net (CloudFront)
expires: Tue, 15 Oct 2024 16:42:47 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 6162
date: Tue, 15 Oct 2024 15:42:47 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Oct 2024 15:42:37 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: JFK50-P4

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/higherincomejobs/ 94 KB
30 KB 446ms
150ms Script
application/javascript 18.173.132.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/higherincomejobs/p13n.min.js
Requested by: Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?cid=2644&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&ckfw=cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s%3D&q=content+moderation&request_id=670e9992662f4&s1=227805&s2=982&s3=102be141051f766b6b8c767fa66ab1&s4=&s5=&tsid=963478d1fa0c43b7b46e383672e84251
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-75.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f629b212b22a491f381e89a27fd489b73531624d589844109e1c5658a738b02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: gzip
ETag: W/"1304cf21b0b0b0555bd98c5744a28d43"
x-amz-version-id: 03udX1dQ1ovcgv2FxDdO6jDJcnI2Yb9P
Age: 119
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: LngIA0C5E-Yqkb7LdP87KAmeeOxSoq1X2Lo0LrSdEX_nP8ZQ0ucnhA==
Date: Tue, 15 Oct 2024 16:32:32 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 15 Oct 2024 08:43:46 GMT
Transfer-Encoding: chunked
Cache-Control: public, max-age=3600
Connection: keep-alive
Via: 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

64581
i6.liadm.com/s/
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1729010069832
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986%3A1729010069.726768&_=1729010069.9323962
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962&_li_chk=true&previous_uuid=1b246e63c3c745c8b38888c197581acf
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962

43 B
576 B

542ms
132ms

Image
image/gif

2600:1f18:ed:550f:e84c:d74f:90af:3244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962

Requested by

Host: content-moderation15.higherincomejobs.com
URL: https://content-moderation15.higherincomejobs.com/continue?z=OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:e84c:d74f:90af:3244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store
trace-id: e2f66ed81ce2f3af
Request-Time: 0
Connection: keep-alive
Content-Length: 43
Date: Tue, 15 Oct 2024 16:34:31 GMT
Content-Type: image/gif

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768&_=1729010069.9323962
Content-Length: 0
Date: Tue, 15 Oct 2024 16:34:30 GMT
trace-id: 15f3b10c0b96293e
Request-Time: 1
Connection: keep-alive

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
103 KB 176ms
175ms Script
application/javascript 142.251.41.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91XJ5ELN91&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

524f7012ea7217df051e8042ff00723fa9e9d07d96153d33127343aed829a89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 16:34:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105087
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect
telemetry.partners.prod.minionplatform.com/ 0
107 B 411ms
132ms Ping
text/plain 3.83.198.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.partners.prod.minionplatform.com/collect

Requested by

Host: api.tnapplications.com
URL: https://api.tnapplications.com/assets/6f06b77a-78a0-4399-9a7b-b18909b4b907/flow-container.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.83.198.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-83-198-13.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Oct 2024 16:34:30 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.1/ 36 B
661 B 273ms
216ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&_=99310665

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9985417412504a98a52c7b178e9ead533c7a179637ea930a5399c9ef593ae50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 502 events Show response
content-moderation15.higherincomejobs.com/api/1/ 524 B
594 B 130ms
129ms Fetch
text/html 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-length: 524
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 collect
www.google-analytics.com/ 35 B
345 B 141ms
141ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1905032378&t=pageview&_s=1&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ&ul=en-us&de=UTF-8&dt=Higher%20Income%20Jobs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAgAABAAAAAG~&jid=&gjid=&cid=673236929.1729010070&tid=UA-68956649-5&_gid=286830791.1729010070&gtm=45He4a90n71P79FD5v72637325za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&z=1535977769

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age: 73129
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:15:40 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 502 pan_pri_dsp_exml_api Show response
content-moderation15.higherincomejobs.com/api/1/search3/ 524 B
594 B 131ms
130ms Fetch
text/html 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/search3/pan_pri_dsp_exml_api?cid=2644&cpage=pan_dsp_exml_api_pri_b%3Ad71774017301b4b9587a539555485bb9&fid=xO9G0yVJh3Ft1snxJHql&l=90012&limit=3&p=&q=Content%20Moderation&tsid=963478d1fa0c43b7b46e383672e84251
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-length: 524
date: Tue, 15 Oct 2024 16:34:29 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 455ms
152ms Script
application/javascript 108.139.47.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/588fa6a3531cdb655ae73531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-63.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
etag: W/"09467cbbdfbe0b4f7131476215348a19"
age: 3357
via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: E_qws1Vdgm0Q0GK3u4hhtw4NgG7zRH3vm4dvQzjHFDK7e3TBrQBL4g==
date: Tue, 15 Oct 2024 15:38:34 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256

POST
H2 422 fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c Show response
capi.higherincomejobs.com/events/ 19 B
472 B 353ms
99ms XHR
text/plain 2600:1f13:d01:902:207d:8d0c:8bbb:cbcd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f13:d01:902:207d:8d0c:8bbb:cbcd Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8ba5bbe155ecb6f2c7841363d52038e29cd7d9ba549ef83e5d7b700a3a51dfb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://content-moderation15.higherincomejobs.com
content-length: 45
content-encoding: gzip
date: Tue, 15 Oct 2024 16:34:30 GMT
vary: origin
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 408ms
133ms Image
text/plain 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ&rl=&if=false&ts=1729010070024&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12318&fbp=fb.1.1729010070022.35422419611322936&eid=ob3_plugin-set_5492b5519fdaccb09d51f4425ca7cf65c2804f5fff76369cf75430bd070fedab&ler=empty&cdl=API_unavailable&it=1729010069580&coo=false&exp=h3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=129, rtx=0, c=10, mss=1297, tbw=2918, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 539ms
264ms Image
image/png 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ&rl=&if=false&ts=1729010070024&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12318&fbp=fb.1.1729010070022.35422419611322936&eid=ob3_plugin-set_5492b5519fdaccb09d51f4425ca7cf65c2804f5fff76369cf75430bd070fedab&ler=empty&cdl=API_unavailable&it=1729010069580&coo=false&exp=h3&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426041706477619039"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426041706477619039"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x33a87c77c6fff82c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["2045899355527769"]},"debug_reporting":true,"debug_key":"1825813599411922023"}
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: flhR6TZMo4IpqPxw2Hso02SY57iJjqkH/mvklP4kA12H23NmQPQUYPx1CVteKBQX9LuLVMRU6HNxlGMt+2e94g==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426041706477619039", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=129, rtx=0, c=10, mss=1297, tbw=3232, tp=-1, tpl=-1, uplat=124, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 x6441.fed8e9da.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 16 KB
7 KB 137ms
135ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x6441.fed8e9da.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7727cd8e2cbae8f8ec81ed7f61a7f09b166368a964f356588b2ee34e90312b57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "7405dd2cecdd2ae8e46acea33f05c0bd"
age: 1575002
x-cache: Hit from cloudfront
x-amz-cf-id: gB65mMZ39ZFaynRHgFQf_TQZczTTN8WNCRn888omyySQjVTGib6s4Q==
date: Fri, 27 Sep 2024 11:04:29 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 18:55:54 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6244
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x8779.0481e479.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 16 KB
6 KB 139ms
137ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x8779.0481e479.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10f640f17eec443726acecda4f644f870675c20ecbc6f66ca2706197445f13fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "e59874606f4dd7b339ee049ae5efb86d"
age: 1647058
x-cache: Hit from cloudfront
x-amz-cf-id: w08ViubZY4SGxYqdtm0mbRYMf7tjMXDX7kCLFKjG_7JFmRngKPsIvA==
date: Thu, 26 Sep 2024 15:03:33 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 18:55:54 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5206
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x291.fa0d9c33.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 11 KB
5 KB 142ms
140ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x291.fa0d9c33.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d17cef1fae094aef7c11a26b185718aa8da8c464edc18db8dd0293ec6ce04815

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "23cb7c28d80359c53fa33c0afbc5bb9b"
age: 1570622
x-cache: Hit from cloudfront
x-amz-cf-id: OofoMqi1EtorI-_G7g6mxkVT9qp0DSRQmcTj8o1gcY16DzVK8F36qw==
date: Fri, 27 Sep 2024 12:17:29 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 18:55:53 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4225
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 xg2.cebb00da.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 35 KB
10 KB 144ms
143ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xg2.cebb00da.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a11f957ddb62205fab899382ddf5970c750076224693568a3d3ab2a372a2cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "542f52c676e5b772cc1f9213b623e114"
age: 1280758
x-cache: Hit from cloudfront
x-amz-cf-id: 3HRpnb_QGvGxqxYCuxpU4wT9GJCbSEWxrhTYcRwVfpLF_bAFq4xoBw==
date: Mon, 30 Sep 2024 20:48:33 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 17:43:51 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 9624
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame D758 0
0

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.1/ 0
625 B 134ms
133ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/SaveDom?msn=2&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&token=040F245C-41AD-F23C-E44F-B4681486C4AB&_=99310666

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame C764 0
0 382ms
137ms Document
text/html 3.168.96.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=0D8C5854-10CA-BA75-C372-81F59192CAEC&lac=EA6AAB64-8359-877C-0967-8318B8082814

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0d8c5854-10ca-ba75-c372-81f59192caec.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.168.96.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-96-193.jfk52.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 34053
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 15 Oct 2024 07:06:57 GMT
Etag: W/"6707fed3-dbb"
Last-Modified: Thu, 10 Oct 2024 16:20:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 a099b23be243d2ee8929f28860829b6a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: nYe-WLaXV4DU-a7wi-scqGvEIENxfRlXtZe06h85swYw4u0psbkRoQ==
X-Amz-Cf-Pop: JFK52-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.1/ 0
625 B 134ms
133ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/SaveDom?msn=3&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&_=99310667

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK ca.html
20838041p.rfihub.com/ Frame AD88 0
0 491ms
147ms Document
text/html 199.38.167.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20838041p.rfihub.com/ca.html?ver=9&rb=45712&ca=20838041&_o=45712&_t=20838041&source=higherincomejobs&keywords=Content%20Moderation&location=90012&organization=&login=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9&userid=52ccddb6-cd3c-4227-a1b0-ff01abaae986%3A1729010069.726768&pe=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ&pf=&ra=5303507776005112
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 5527
Content-Type: text/html;charset=utf-8
Date: Tue, 15 Oct 2024 16:34:30 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 150 B
465 B 604ms
200ms XHR
application/json 52.207.9.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiNTJjY2RkYjYtY2QzYy00MjI3LWExYjAtZmYwMWFiYWFlOTg2OjE3MjkwMTAwNjkuNzI2NzY4In19&site_id=higherincomejobs
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.9.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-9-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c95e75ef1afc18beef6186eceb5f4d56b051bb1e2f5d01782b4624797c0fc235

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 150
Date: Tue, 15 Oct 2024 16:34:30 GMT
Content-Type: application/json
Server: nginx
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 559 B
641 B 4619ms
4618ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: 49ebe349c2c458627cce35fbd060ad849e4f9ef57c2844c2865402fe12197cee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:35 GMT
content-type: application/json; charset=UTF-8
content-length: 559

GET
H2 400 pan_pri_dsp_exml_api Show response
content-moderation15.higherincomejobs.com/api/1/search3/ 87 B
156 B 6126ms
6126ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/search3/pan_pri_dsp_exml_api?cid=2644&cpage=pan_dsp_exml_api_pri_b%3Ad71774017301b4b9587a539555485bb9&fid=xO9G0yVJh3Ft1snxJHql&l=90012&limit=3&p=&q=Content%20Moderation&tsid=963478d1fa0c43b7b46e383672e84251
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: 65a645f584e1c19332c7c5a5749a2ae49b89c1bb05d1e3135486ee90fa04c002

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:36 GMT
content-type: application/json
content-length: 87

POST
H2 200 Snap Show response
create.leadid.com/2.15.1/ 0
625 B 529ms
265ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/Snap?msn=4&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&_=99310668

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:31 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 Snap Show response
create.leadid.com/2.15.1/ 0
624 B 746ms
382ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/Snap?msn=5&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&_=99310669

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:31 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK persons Show response
people.api.boomtrain.com/ 216 B
531 B 178ms
178ms XHR
application/json 52.207.9.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/persons?data=eyIkc2V0Ijp7InVzZXJfaWQiOiI1MmNjZGRiNi1jZDNjLTQyMjctYTFiMC1mZjAxYWJhYWU5ODY6MTcyOTAxMDA2OS43MjY3NjgiLCJ1bmlxdWVfY2xpZW50X2lkcyI6W119LCJic2luIjoiRklIa1pIdnM0QzlJYlJlVEdhamJWSHBGaXdYOWk1ZFVGa3cwYStGYjAyU0JRWlJCZXpRd0Q1QmZLcTZWWFlGbWMzeGtRcXNGRTNWRG5VSm1MRkRZNHc9PSJ9&site_id=higherincomejobs
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.9.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-9-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8fc1b6860e6491b94e00ece32471a475b26f0ea5b544e72ae827db145d1cc898

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 216
Date: Tue, 15 Oct 2024 16:34:31 GMT
Content-Type: application/json
Server: nginx
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
209 B 419ms
147ms XHR
text/plain 18.208.35.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.35.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-35-132.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
content-length: 2
date: Tue, 15 Oct 2024 16:34:31 GMT
content-type: text/plain
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 2521 0
0 403ms
134ms Document
text/html 18.164.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/588fa6a3531cdb655ae73531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-56.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 3494
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 15:36:17 GMT
vary: accept-encoding
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
x-amz-cf-id: kFc2ip8KizVszsaY1PMmXLm3PoFLJAy4zFmgQD0DwC-vQA_vOc4NXg==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H2 200 hij.ico
d1mr0pnhlzkpc5.cloudfront.net/ 18 KB
3 KB 136ms
135ms Other
image/vnd.microsoft.icon 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/hij.ico?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91105ad1c4a2d8f873227bb7f4215e05ef982b9fe1a02d62dc4f23ccf8c78cbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "35086ac8910212c938a759c45dafd176"
age: 1574857
x-cache: Hit from cloudfront
x-amz-cf-id: 0tSTSS9HGOTdWY7Vpm5IXh1xH5wuzVoQDbyBqzdV425LLyv9XJPyOQ==
date: Fri, 27 Sep 2024 11:06:56 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 25 Sep 2024 18:55:53 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3062
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 166ms
164ms Fetch
text/html 44.207.172.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.207.172.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-172-140.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 588fa6a3531cdb655ae73531
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Tue, 15 Oct 2024 16:34:32 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 402ms
131ms Preflight 44.207.172.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.207.172.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-172-140.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://content-moderation15.higherincomejobs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:32 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 check
fpc.pushnami.com/psfp/e7e5ffcd-784f-490b-8fee-02d905b2b21a/ 0
0 406ms
136ms Fetch 3.218.77.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/e7e5ffcd-784f-490b-8fee-02d905b2b21a/check?websiteId=588fa6a3531cdb655ae73532
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.77.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-77-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: GnYCGgIb30o4W7Yt3L8ZhcKDiV2eAM7K
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Oct 2024 16:34:33 GMT
vary: Origin

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 145ms
144ms Fetch
text/html 34.207.37.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.37.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-37-41.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 588fa6a3531cdb655ae73531
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Tue, 15 Oct 2024 16:34:33 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 390ms
129ms Preflight 34.207.37.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.37.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-37-41.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://content-moderation15.higherincomejobs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Tue, 15 Oct 2024 16:34:33 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 135ms
133ms Fetch
text/html 34.207.37.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.37.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-37-41.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 588fa6a3531cdb655ae73531
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Tue, 15 Oct 2024 16:34:36 GMT
content-type: text/html; charset=utf-8

GET
H2 200 3253d05baa3480d6499a9d2c2829bdf8859a8fe6c86dbfe4ebadf339e5916053.png
d1mr0pnhlzkpc5.cloudfront.net/images/ 12 KB
12 KB 138ms
138ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/3253d05baa3480d6499a9d2c2829bdf8859a8fe6c86dbfe4ebadf339e5916053.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3253d05baa3480d6499a9d2c2829bdf8859a8fe6c86dbfe4ebadf339e5916053

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=604800
etag: "9160fa537bd52a57a9dc147656dcb83d"
age: 234219
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 12004
x-amz-cf-id: LcXswI4Uf4GP3ffFrKg6uasKDAenN07pE3KIJsjHr-NQCmXL42g0oQ==
date: Sat, 12 Oct 2024 23:30:58 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2019 18:55:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4

GET
H2 200 32abc57197cc519d1223910b086f135403cf9baacd254636f4683429fb94c1db.jpg
d1mr0pnhlzkpc5.cloudfront.net/images/ 138 KB
138 KB 140ms
139ms Image
image/jpg 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/32abc57197cc519d1223910b086f135403cf9baacd254636f4683429fb94c1db.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32abc57197cc519d1223910b086f135403cf9baacd254636f4683429fb94c1db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://content-moderation15.higherincomejobs.com/

Response headers

cache-control: max-age=604800
etag: "39de1af76d2155751cd9b84a464e4926"
age: 60010
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 141017
x-amz-cf-id: LaXXGzFKN-WEzbzsb6BgxibFLCbYyCPH0zlrtxaWY8DTxKnfQGD_xg==
date: Mon, 14 Oct 2024 23:54:27 GMT
content-type: image/jpg
last-modified: Thu, 15 Jul 2021 19:57:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
vary: Accept-Encoding

POST
H2 502 events Show response
content-moderation15.higherincomejobs.com/api/1/ 524 B
594 B 129ms
125ms Fetch
text/html 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-length: 524
date: Tue, 15 Oct 2024 16:34:36 GMT
content-type: text/html
server: awselb/2.0

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 139ms
138ms Image
image/gif 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1905032378&t=pageview&_s=1&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPWdyZWV0aW5nMiUzQTQ3ODU3ZDE5MWYxZDQ3MmY5YjJhNjRhMDdkZGRiMTE2JmZpZD14TzlHMHlWSmgzRnQxc254SkhxbCZqb2JfY291bnQlM0Fjb250ZW50bW9kZXJhdGlvbj0yMzkzJmpvcm5heWFfc2F2ZXJfa2V5PWVkdV9qb3JuYXlhX3Rva2VuJm9fdXVpZHY0PW9fZjg2ZWEyMTc5MjA5NDIwMWJiMTcwN2U4ZThmNmY0YzkmcGF0aF9yYW5raW5nX2lkPTQyMDgmcHJpbGFuZD0wJnF0aGVtZT1Db250ZW50JTIwTW9kZXJhdGlvbiZyZXF1ZXN0X2lkPTY3MGU5OTkyNjYyZjQmczE9MjI3ODA1JnMyPTk4MiZzMz0xMDJiZTE0MTA1MWY3NjZiNmI4Yzc2N2ZhNjZhYjEmczQ9JnM1PSZzZXE9OTIxODQmc3ZwcmU9dHJ1ZSZ0aW1lPTE3MjkwMTAwNzY3MTImdHNpZD05NjM0NzhkMWZhMGM0M2I3YjQ2ZTM4MzY3MmU4NDI1MSZ1aWQ9MjZjYmYxYWMtYmJjNS00Y2I5LWIzNGEtZjIyZGUxYmU0Y2Q5&ul=en-us&de=UTF-8&dt=Higher%20Income%20Jobs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAgAABAAAAAG~&jid=&gjid=&cid=673236929.1729010070&tid=UA-68956649-5&_gid=286830791.1729010070&gtm=45He4a90n71P79FD5v72637325za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&z=29591278

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age: 82279
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 17:43:17 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 /
www.facebook.com/tr/ 0
121 B 134ms
132ms Image
text/plain 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPWdyZWV0aW5nMiUzQTQ3ODU3ZDE5MWYxZDQ3MmY5YjJhNjRhMDdkZGRiMTE2JmZpZD14TzlHMHlWSmgzRnQxc254SkhxbCZqb2JfY291bnQlM0Fjb250ZW50bW9kZXJhdGlvbj0yMzkzJmpvcm5heWFfc2F2ZXJfa2V5PWVkdV9qb3JuYXlhX3Rva2VuJm9fdXVpZHY0PW9fZjg2ZWEyMTc5MjA5NDIwMWJiMTcwN2U4ZThmNmY0YzkmcGF0aF9yYW5raW5nX2lkPTQyMDgmcHJpbGFuZD0wJnF0aGVtZT1Db250ZW50JTIwTW9kZXJhdGlvbiZyZXF1ZXN0X2lkPTY3MGU5OTkyNjYyZjQmczE9MjI3ODA1JnMyPTk4MiZzMz0xMDJiZTE0MTA1MWY3NjZiNmI4Yzc2N2ZhNjZhYjEmczQ9JnM1PSZzZXE9OTIxODQmc3ZwcmU9dHJ1ZSZ0aW1lPTE3MjkwMTAwNzY3MTImdHNpZD05NjM0NzhkMWZhMGM0M2I3YjQ2ZTM4MzY3MmU4NDI1MSZ1aWQ9MjZjYmYxYWMtYmJjNS00Y2I5LWIzNGEtZjIyZGUxYmU0Y2Q5&rl=&if=false&ts=1729010076721&sw=1600&sh=1200&v=2.9.171&r=stable&ec=1&o=12318&fbp=fb.1.1729010070022.35422419611322936&eid=ob3_plugin-set_9039571bf1c0e0f8d1a8a4d8b01715eb370629ff237454fd85aea10921de234a&ler=empty&cdl=API_unavailable&it=1729010069580&coo=false&exp=h3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=130, rtx=0, c=10, mss=1297, tbw=6964, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 15 Oct 2024 16:34:36 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 216ms
214ms Image
image/png 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=639476436215740&ev=PageView&dl=https%3A%2F%2Fcontent-moderation15.higherincomejobs.com%2Fcontinue%3Fz%3DOTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPWdyZWV0aW5nMiUzQTQ3ODU3ZDE5MWYxZDQ3MmY5YjJhNjRhMDdkZGRiMTE2JmZpZD14TzlHMHlWSmgzRnQxc254SkhxbCZqb2JfY291bnQlM0Fjb250ZW50bW9kZXJhdGlvbj0yMzkzJmpvcm5heWFfc2F2ZXJfa2V5PWVkdV9qb3JuYXlhX3Rva2VuJm9fdXVpZHY0PW9fZjg2ZWEyMTc5MjA5NDIwMWJiMTcwN2U4ZThmNmY0YzkmcGF0aF9yYW5raW5nX2lkPTQyMDgmcHJpbGFuZD0wJnF0aGVtZT1Db250ZW50JTIwTW9kZXJhdGlvbiZyZXF1ZXN0X2lkPTY3MGU5OTkyNjYyZjQmczE9MjI3ODA1JnMyPTk4MiZzMz0xMDJiZTE0MTA1MWY3NjZiNmI4Yzc2N2ZhNjZhYjEmczQ9JnM1PSZzZXE9OTIxODQmc3ZwcmU9dHJ1ZSZ0aW1lPTE3MjkwMTAwNzY3MTImdHNpZD05NjM0NzhkMWZhMGM0M2I3YjQ2ZTM4MzY3MmU4NDI1MSZ1aWQ9MjZjYmYxYWMtYmJjNS00Y2I5LWIzNGEtZjIyZGUxYmU0Y2Q5&rl=&if=false&ts=1729010076721&sw=1600&sh=1200&v=2.9.171&r=stable&ec=1&o=12318&fbp=fb.1.1729010070022.35422419611322936&eid=ob3_plugin-set_9039571bf1c0e0f8d1a8a4d8b01715eb370629ff237454fd85aea10921de234a&ler=empty&cdl=API_unavailable&it=1729010069580&coo=false&exp=h3&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426041731895766106"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426041731895766106"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x33a87c77c6fff82c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["2045899355527769"]},"debug_reporting":true,"debug_key":"4087524968295809245"}
date: Tue, 15 Oct 2024 16:34:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 7glNEdPzErB6rGdTjiLYOOgXtdKVdcgie6uarnVcVfwsz2Ozl0nMR5h+4+Jvk+5d82vvnWfno+KxWhCwdkDUGQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426041731895766106", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=130, rtx=0, c=10, mss=1297, tbw=7129, tp=-1, tpl=-1, uplat=83, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 e53282a0bc9f3c4d58929e0d304f105d1b705dddfc626069c4285f12dd3d9a3a.png
d1mr0pnhlzkpc5.cloudfront.net/images/ 2 KB
2 KB 163ms
162ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/e53282a0bc9f3c4d58929e0d304f105d1b705dddfc626069c4285f12dd3d9a3a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e53282a0bc9f3c4d58929e0d304f105d1b705dddfc626069c4285f12dd3d9a3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
cache-control: max-age=604800
etag: "d1b5b6f5e5a2c8737b28e2987a5d0f2a"
age: 25240
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2072
x-amz-cf-id: e6DSLKOXsKSEJUKiX9YbpIAKhSxKczEVOCX1uQ2wqwtBGuJENZRdhQ==
date: Tue, 15 Oct 2024 09:33:57 GMT
content-type: image/png
last-modified: Wed, 08 Feb 2023 18:46:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 b5fdd89184ab4556c1f63eb4abab4148afdc26385f97d87e6dc2eafdb3f8fc1a.png
d1mr0pnhlzkpc5.cloudfront.net/images/ 2 KB
3 KB 164ms
163ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/b5fdd89184ab4556c1f63eb4abab4148afdc26385f97d87e6dc2eafdb3f8fc1a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5fdd89184ab4556c1f63eb4abab4148afdc26385f97d87e6dc2eafdb3f8fc1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=604800
etag: "15c0944a582e5815bb1468b9577b7bea"
age: 76058
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2334
x-amz-cf-id: zurpSE82LdzFkdFwynTDtQ2A0jXnwlAc6YpSHPAHMVpbbHxPg_wSeg==
date: Mon, 14 Oct 2024 19:26:59 GMT
content-type: image/png
last-modified: Wed, 08 Feb 2023 18:46:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 73ef1c9950170c243378cba93b0230b0748f36432f6f05ef1bdc3188b79a84df.png
d1mr0pnhlzkpc5.cloudfront.net/images/ 2 KB
3 KB 165ms
164ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/73ef1c9950170c243378cba93b0230b0748f36432f6f05ef1bdc3188b79a84df.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73ef1c9950170c243378cba93b0230b0748f36432f6f05ef1bdc3188b79a84df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=604800
etag: "56ed18904ba5e6b0141427ea9e3d006f"
age: 233948
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2472
x-amz-cf-id: Ov0tDXTQDI6YG7By1VUkoa_9mAaZ0T1zJZE8McKE4EMHomPtWUetBg==
date: Sat, 12 Oct 2024 23:35:29 GMT
content-type: image/png
last-modified: Wed, 08 Feb 2023 18:46:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 hij-header-light.ec1d64fc.png
d1mr0pnhlzkpc5.cloudfront.net/static/media/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/media/hij-header-light.ec1d64fc.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96f6cb68d1e3c236ca11ef3d0432df6d836a7d9be3c96d41c6d920f65d485791

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "9699f08c152ef74c8cd10476b9137a03"
age: 1574956
x-cache: Hit from cloudfront
x-amz-cf-id: vZz3_ux9NyH9YLgn40xOwZ0luFw742jL_NfnYNJQR3hzDYEcumCIqA==
date: Fri, 27 Sep 2024 11:05:14 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 18:55:56 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3183
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6513ceeef1c58acf629ee087d0ade562e42d1c5f8be81258311356bea9805718.jpg
d1mr0pnhlzkpc5.cloudfront.net/images/ 253 KB
254 KB 154ms
154ms Image
image/jpg 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/6513ceeef1c58acf629ee087d0ade562e42d1c5f8be81258311356bea9805718.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6513ceeef1c58acf629ee087d0ade562e42d1c5f8be81258311356bea9805718

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://content-moderation15.higherincomejobs.com/

Response headers

cache-control: max-age=604800
etag: "da472d5175c0d9444bbbe81a6fc6cb2a"
age: 75492
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 259179
x-amz-cf-id: PBUYj3cjwkBqumB6PX0zpuXfKBetAX_F0YF_zw0KBqGiA84htm50sA==
date: Mon, 14 Oct 2024 19:36:25 GMT
content-type: image/jpg
last-modified: Wed, 31 Jan 2024 15:26:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 cf5e2404b20d09595a5faa6e8c96a2afe0e2453ce5a4df023d7149d036ebe007.png
d1mr0pnhlzkpc5.cloudfront.net/images/ 19 KB
20 KB 148ms
147ms Image
image/png 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/images/cf5e2404b20d09595a5faa6e8c96a2afe0e2453ce5a4df023d7149d036ebe007.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf5e2404b20d09595a5faa6e8c96a2afe0e2453ce5a4df023d7149d036ebe007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://content-moderation15.higherincomejobs.com/

Response headers

cache-control: max-age=604800
etag: "68653008548fed4bf7bd07abe78090b6"
age: 75885
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 19955
x-amz-cf-id: qV38nkKNmAKsccg0q5x9GX1YHvrLTQ0w2UztnByso-AyAHHDoEYBbg==
date: Mon, 14 Oct 2024 19:29:52 GMT
content-type: image/png
last-modified: Wed, 08 Feb 2023 16:57:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 hij.ico
d1mr0pnhlzkpc5.cloudfront.net/ 18 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/hij.ico?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91105ad1c4a2d8f873227bb7f4215e05ef982b9fe1a02d62dc4f23ccf8c78cbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "35086ac8910212c938a759c45dafd176"
age: 1574857
x-cache: Hit from cloudfront
x-amz-cf-id: 0tSTSS9HGOTdWY7Vpm5IXh1xH5wuzVoQDbyBqzdV425LLyv9XJPyOQ==
date: Fri, 27 Sep 2024 11:06:56 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 25 Sep 2024 18:55:53 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3062
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x5660.96e61a18.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 14 KB
6 KB 159ms
158ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x5660.96e61a18.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c46a6d1b725899f6cab0511e678a97c0aa18d623cc51a0243d5db0ed99b9054e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "31dd6e490ebebf4bc7ac67b1e6a5588e"
age: 678784
x-cache: Hit from cloudfront
x-amz-cf-id: XpAUr2XOlZwUc_G-MogdoebAvMoo7mxjGU8XDdaMs8gedxMHbIViZQ==
date: Mon, 07 Oct 2024 20:01:33 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 20:01:23 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5857
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x5789.537ec32c.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 24 KB
6 KB 161ms
160ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x5789.537ec32c.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57f33a8715e8471ae0ba0666b94e59bb3f7c079d17b16ae12b55db715980ce55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "431e92d01f7b32b13f27319d2ef98b1b"
age: 1285669
x-cache: Hit from cloudfront
x-amz-cf-id: 3bvXGBEfZYKgcX9hdN2gloLDZUsddAZAGEGIk4y2IPrbZ9tr9FEGOw==
date: Mon, 30 Sep 2024 19:26:48 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 17:43:50 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5868
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 x644.3acf1a5c.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 9 KB
4 KB 162ms
161ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/x644.3acf1a5c.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99cd7445d060a7d021cf737a2304eb40ee117cd36bf311eedbab54d7f4dde744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "4458f8979e9fc313414dfd24eceaa925"
age: 1269637
x-cache: Hit from cloudfront
x-amz-cf-id: l-Pj1JObhnkrnUPO3dWmK0vhbTLq4BpTL7iTMD_a8JFzdia5cxTv1g==
date: Mon, 30 Sep 2024 23:54:00 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 21:25:23 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3411
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 xctv4.ab18adff.chunk.js Show response
d1mr0pnhlzkpc5.cloudfront.net/static/js/ 15 KB
5 KB 164ms
164ms Script
application/javascript 2600:9000:211c:ce00:1:dc01:1140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xctv4.ab18adff.chunk.js
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ce00:1:dc01:1140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bc4e832852d8b792ee7f62266c33baf80cd98558b5d792c3ebcbdffde8af506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "57ae16deb41136c18f63dd847d0e146c"
age: 1285663
x-cache: Hit from cloudfront
x-amz-cf-id: texaNiDkDGYDe3lHTIJ3Fr2i4rkA6Rjq1tX0-BxLU2leRJG7AgBBlQ==
date: Mon, 30 Sep 2024 19:26:54 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 17:43:50 GMT
x-amz-meta-cache-control: max-age=31536000
cache-control: max-age=31536000
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4942
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 InitFormData Show response
create.leadid.com/2.15.1/ 0
624 B 135ms
134ms XHR
text/plain 98.83.69.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/InitFormData?msn=6&pid=eeba07dd-a5f0-4396-bbdf-89d5000bc1c3&token=4FFB5904-AF5E-C39E-3A83-60C572AD5E4C&_=99310670

Requested by

Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

98.83.69.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-83-69-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 15 Oct 2024 16:34:37 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 502 events Show response
content-moderation15.higherincomejobs.com/api/1/ 524 B
594 B 129ms
127ms Fetch
text/html 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-length: 524
date: Tue, 15 Oct 2024 16:34:37 GMT
content-type: text/html
server: awselb/2.0

POST
H2 200 events Show response
content-moderation15.higherincomejobs.com/api/1/ 544 B
626 B 406ms
404ms Fetch
application/json 54.234.58.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9
Requested by: Host: d1mr0pnhlzkpc5.cloudfront.net
URL: https://d1mr0pnhlzkpc5.cloudfront.net/static/js/xmain.828b609e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.58.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-58-86.compute-1.amazonaws.com
Software: /
Resource Hash: ccfcda8d39daab743e6592c2ddc30ec757efae437407a90aa2ee8bc6fe81a9f0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Tue, 15 Oct 2024 16:34:38 GMT
content-type: application/json; charset=UTF-8
content-length: 544

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content-moderation15.higherincomejobs.com
URL: blob:https://content-moderation15.higherincomejobs.com/432b7706-1545-4883-a2b9-ea0d9fb2f297

Domain: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=040F245C-41AD-F23C-E44F-B4681486C4AB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=0D8C5854-10CA-BA75-C372-81F59192CAEC&lac=EA6AAB64-8359-877C-0967-8318B8082814

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c	1970-01-21 02:26:26	Name: cee Value: edWBGR73tsRSNv4%2Bf0SErgTXPxruXC8vJCAkylKMK%2F0%3D.%7B%7D
i.liadm.com/s	1970-01-21 01:00:02	Name: _li_ss Value: CgsKCQj_____BxCZGQ
i6.liadm.com/s	1970-01-21 01:00:02	Name: _li_ss Value: CgA
secure-tracking.clck2trck.com/	1970-01-21 01:01:28	Name: enc_aff_session_982 Value: ENC03bc110670a933b84ee152ed2e0776e1f7755a29ccb9900cfe3eeafaca0aa10f0d8a3dfaa769d501447f30d7a4ce2ab2fa5814dccb0a32f49c71a9c0663600a85ec11d0b8579a24b392ce650928bde21ab66fe6213602a624d61c511147a162b7c4b371ad0b7df6248cf7380e40ce567f7291ac4e860ea0410a2254af8c7c2c380102988ba
secure-tracking.clck2trck.com/	1970-01-21 09:52:50	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
global.clicktrackurl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jmqmjk98uqd7nqd32cev6pld75
.apptrck.com/	1970-01-21 01:00:02	Name: hijses Value: cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s=
.higherincomejobs.com/	1970-01-21 01:00:02	Name: hijses Value: cmFrQ1hWampqb21Zd2lJVkR3SEFSY2Z2Z0FjSVpNS0s=
.higherincomejobs.com/	1970-01-21 00:18:16	Name: _uetsid Value: 5960e6808b1311efa010456b55ba5fc6
.higherincomejobs.com/	1970-01-21 09:38:26	Name: _uetvid Value: 59613f608b1311efb8286f1e0463f4d2
.bing.com/	1970-01-21 09:38:26	Name: MUID Value: 195451710C006080070D44680DEE6130
.bat.bing.com/	1970-01-21 00:26:54	Name: MR Value: 0
.higherincomejobs.com/	1970-01-21 09:52:50	Name: _ga_91XJ5ELN91 Value: GS1.1.1729010069.1.0.1729010069.60.0.0
.higherincomejobs.com/	1970-01-21 09:52:50	Name: _ga Value: GA1.1.673236929.1729010070
.content-moderation15.higherincomejobs.com/	1970-01-21 09:52:50	Name: _ga Value: GA1.3.673236929.1729010070
.content-moderation15.higherincomejobs.com/	1970-01-21 00:18:16	Name: _gid Value: GA1.3.286830791.1729010070
.content-moderation15.higherincomejobs.com/	1970-01-21 00:16:50	Name: _dc_gtm_UA-68956649-5 Value: 1
.higherincomejobs.com/	1970-01-21 02:26:26	Name: _fbp Value: fb.1.1729010070022.35422419611322936
.doubleclick.net/	1970-01-21 00:16:50	Name: test_cookie Value: CheckForPermission
.rezync.com/	1970-01-21 09:38:26	Name: zync-uuid Value: 52ccddb6-cd3c-4227-a1b0-ff01abaae986:1729010069.726768
content-moderation15.higherincomejobs.com/	1970-01-21 00:16:50	Name: leadid_token-EA6AAB64-8359-877C-0967-8318B8082814-0D8C5854-10CA-BA75-C372-81F59192CAEC Value: 4FFB5904-AF5E-C39E-3A83-60C572AD5E4C
.higherincomejobs.com/	1970-01-21 00:16:53	Name: _bts Value: 93cc5b4e-681b-474a-cb74-c0230b5bf056
.liadm.com/	1970-01-21 09:52:50	Name: lidid Value: 1b246e63-c3c7-45c8-b388-88c197581acf
.rfihub.com/	1970-01-21 09:38:26	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2sDAzs7Q0NDQwE-Iz1C3LCS4yNUoJMM_2TQIAmX44DCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2sDAzs7Q0NDQwE-Iz1C3LCS4yNUoJMM_2TQIAmX44DCQAAAA
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: Qvv6HStREj2fay8xC30iGwAAAACj0gYxJMj20ySRIxNFLjM5
.trueleadid.com/	1970-01-21 09:01:52	Name: visid_incap_3051494 Value: T4cGPR1iR8Kj2euiBQcpFJaZDmcAAAAAQUIPAAAAAADoiAVWS0M1jB7XoPSOQY3x
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_172_3051494 Value: L+a9JngWkmKcwBGvPhFjApaZDmcAAAAAwZcuKf1KGLblx4xC6kmW8A==
.higherincomejobs.com/	1970-01-21 09:02:26	Name: _bti Value: %7B%22app_id%22%3A%22higherincomejobs%22%2C%22bsin%22%3A%22fP8JVfWKxyK0KmTh6WaDOfYYbsRWDAEjQsQ61H9MmWFqDMzWmw6EDUBhgirtcSbIqIO6TucSWZdQJ6GLnD%2B49g%3D%3D%22%2C%22is_identified%22%3Atrue%2C%22user_id%22%3A%2252ccddb6-cd3c-4227-a1b0-ff01abaae986%3A1729010069.726768%22%7D
.deviceid.trueleadid.com/	1970-01-21 09:52:50	Name: uuid Value: 90b09519b48e4a1bb4476c7582be4541
.casalemedia.com/	1970-01-21 09:02:26	Name: CMID Value: Zw6Zl9HM4FQAAHFlAGfR5QAA
.casalemedia.com/	1970-01-21 02:26:26	Name: CMPS Value: 792
.casalemedia.com/	1970-01-21 02:26:26	Name: CMPRO Value: 792
.pubmatic.com/	1970-01-21 02:26:26	Name: KRTBCOOKIE_18 Value: 22947-978477430866991106&KRTB&23628-978477430866991106
.pubmatic.com/	1970-01-21 01:00:02	Name: PugT Value: 1729010071
.adnxs.com/	1970-01-21 09:52:50	Name: receive-cookie-deprecation Value: 1
.demdex.net/	1970-01-21 04:36:02	Name: demdex Value: 31226666761332492724604417639633524750
.media.net/	1970-01-21 04:43:14	Name: usp_status Value: 1
.dpm.demdex.net/	1970-01-21 04:36:02	Name: dpm Value: 31226666761332492724604417639633524750
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRWAMAgFwIvt4AOMn2A3LKaQVJ6ZfeHVqu4EVT9FQ9UoJJnWYomM-H3iE1NnYYbfpjDMA2T0g4A5AAAA
.rlcdn.com/	1970-01-21 09:02:26	Name: rlas3 Value: vAxGN/u7yOGs2Zx0ovSgROz9APpON4ZMnGC0rANZIbQ=
.rlcdn.com/	1970-01-21 01:43:14	Name: pxrc Value: CAA=
.bidswitch.net/	1970-01-21 09:02:26	Name: tuuid Value: f6f2adb8-aad6-470e-be3c-da6f216bb3c6
.bidswitch.net/	1970-01-21 09:02:26	Name: c Value: 1729010071
.bidswitch.net/	1970-01-21 09:02:26	Name: tuuid_lu Value: 1729010071
.eyeota.net/	1970-01-21 09:02:26	Name: mako_uid Value: 1929107f935-6efa0000010a4737
.eyeota.net/	1970-01-21 00:16:50	Name: SERVERID Value: 18231~DM
.rfihub.com/	1970-01-21 09:38:26	Name: eud Value: H4sIAAAAAAAA_13OvQ3CQAwFYIGgQlQ3xyHbSexctrkfMhBlypSUV2aEjJCSkhGoqBCxy09Pfs_T4YpCARBAQJCq8WK8Gr-NP8bzUftpXG1-0t52xobaejb_XbQfjjvKuZTEPpcm-5ZIfMQEfhwBY4rxHnoefkccbkIs3E_uX0SI3azNL6eHvqE4SSc5AQAA
live.rezync.com/	1970-01-21 09:38:26	Name: sd-session-id Value: .eJwNylEOgyAMANC79FuWFlkLXMYg1IRsskX0Z8a7z8-XvBOmr25ratp2iPt26AD5XW91iCf0-lv1BRGCeCfiRvTMIRAhwzVA197rp0213OVpcy5lZpPLmI2zVkyiGc2yIKU5JQ2eI4kNSIgcHmJZ2MP1B5PvJiQ.Zw6ZmA.kkHhNAF686cleBhVAjcBtMTYvvM

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://content-moderation15.higherincomejobs.com/api/1/search3/pan_pri_dsp_exml_api?cid=2644&cpage=pan_dsp_exml_api_pri_b%3Ad71774017301b4b9587a539555485bb9&fid=xO9G0yVJh3Ft1snxJHql&l=90012&limit=3&p=&q=Content%20Moderation&tsid=963478d1fa0c43b7b46e383672e84251 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://capi.higherincomejobs.com/events/fdc2c8146ea7db52a3ecb7e109e4c3786f69e185bed38f90f3aebde454eaaa5c Message: Failed to load resource: the server responded with a status of 422 ()
other	error	URL: https://content-moderation15.higherincomejobs.com/continue?z=OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTElM0Fqb3JuYXlhUmVpbml0PXRydWUmYnA9eiZjaWQ9MjY0NCZja2Z3PWNtRnJRMWhXYW1wcWIyMVpkMmxKVmtSM1NFRlNZMloyWjBGalNWcE5TMHMlM0QmY3VycmVudF9wYWdlPXBhbl9kc3BfZXhtbF9hcGlfcHJpX2IlM0FkNzE3NzQwMTczMDFiNGI5NTg3YTUzOTU1NTQ4NWJiOSZmaWQ9eE85RzB5VkpoM0Z0MXNueEpIcWwmam9iX2NvdW50JTNBY29udGVudG1vZGVyYXRpb249MjM5MyZqb3JuYXlhX3NhdmVyX2tleT1lZHVfam9ybmF5YV90b2tlbiZvX3V1aWR2ND1vX2NiYjE2YWVmZDJiMjRiN2Y4ZDZmZDYzZGQzNzU0ZjUzJnBhdGhfcmFua2luZ19pZD00MjA4JnByaWxhbmQ9MCZxdGhlbWU9Q29udGVudCUyME1vZGVyYXRpb24mcmVxdWVzdF9pZD02NzBlOTk5MjY2MmY0JnMxPTIyNzgwNSZzMj05ODImczM9MTAyYmUxNDEwNTFmNzY2YjZiOGM3NjdmYTY2YWIxJnM0PSZzNT0mc2VxPTkyMTgzJnN2cHJlPXRydWUmdGltZT0xNzI5MDEwMDY5OTE0JnRzaWQ9OTYzNDc4ZDFmYTBjNDNiN2I0NmUzODM2NzJlODQyNTEmdWlkPTI2Y2JmMWFjLWJiYzUtNGNiOS1iMzRhLWYyMmRlMWJlNGNkOQ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://content-moderation15.higherincomejobs.com/api/1/search3/pan_pri_dsp_exml_api?cid=2644&cpage=pan_dsp_exml_api_pri_b%3Ad71774017301b4b9587a539555485bb9&fid=xO9G0yVJh3Ft1snxJHql&l=90012&limit=3&p=&q=Content%20Moderation&tsid=963478d1fa0c43b7b46e383672e84251 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://content-moderation15.higherincomejobs.com/api/1/events?campaign_id=104&fei=3&fid=xO9G0yVJh3Ft1snxJHql&frontend_layout_id=1886&path_ranking_id=4208&tsid=963478d1fa0c43b7b46e383672e84251&type=LOADER&uid=26cbf1ac-bbc5-4cb9-b34a-f22de1be4cd9 Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20838041p.rfihub.com
analytics.google.com
api.pushnami.com
api.tnapplications.com
bat.bing.com
c1.rfihub.net
capi.higherincomejobs.com
cdn.boomtrain.com
cdn.lr-in.com
cdn.pushnami.com
connect.facebook.net
content-moderation15.higherincomejobs.com
create.leadid.com
create.lidstatic.com
d1mr0pnhlzkpc5.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
events.api.boomtrain.com
fonts.googleapis.com
fonts.gstatic.com
fpc.pushnami.com
global.clicktrackurl.com
i.liadm.com
i6.liadm.com
live.rezync.com
people.api.boomtrain.com
plugin-cdn.alphaintent.com
psp.pushnami.com
rdr.apptrck.com
secure-tracking.clck2trck.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
telemetry.partners.prod.minionplatform.com
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.higherincomejobs.com
x.apptrck.com
content-moderation15.higherincomejobs.com
d2m2wsoho8qq12.cloudfront.net
104.21.234.145
108.138.106.60
108.139.47.63
13.226.34.70
142.250.65.238
142.251.32.98
142.251.40.131
142.251.40.98
142.251.41.8
18.164.124.11
18.164.124.56
18.173.132.75
18.208.35.132
199.38.167.130
2600:1f13:d01:902:207d:8d0c:8bbb:cbcd
2600:1f18:ed:550f:e84c:d74f:90af:3244
2600:9000:211c:ce00:1:dc01:1140:21
2600:9000:24f1:800:1:76cf:fe80:93a1
2606:4700:10::6816:27b6
2607:f8b0:4004:c19::9a
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2008
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2002
2620:1ec:33:1::10
2a03:2880:f10e:83:face:b00c:0:25de
3.168.96.193
3.218.77.133
3.83.198.13
3.84.63.60
31.13.80.12
34.207.37.41
44.207.172.140
44.209.98.139
44.219.73.243
52.207.9.238
52.41.218.136
54.234.58.86
98.83.183.61
98.83.69.223
065e1b300b9413c7263fa38d6610f105e93cde3eee1324fb4f6388e7b5522a5a
08e44977542550325027cdc871a4be84fc3fefa9c88e8bdbea3da67c206ed821
0de5cfa787277d47b0b9cc3db70ead2c4ed29b05b4cf9b7b397c4193b2aff122
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
10f640f17eec443726acecda4f644f870675c20ecbc6f66ca2706197445f13fd
1104d251ebe92b59be960e20190e6a62cdf7ee9f4297750867d2f7009dec1efb
1411b5a02ed9abef22ee35a6aa823ab06bcc162564436ed10bc14fc4bc08fefa
1494faf50051c89248f10bf85c9128d8ea3366ef18ceb4a50fbf8803628709e8
174fb1c44b65908f398c40f693a6bc6f7aa09ffe194d1b346dab5a4a63fd0519
1d014c5bd52944d057aa7ed671f845e8b51b31c7dd995ee894cd743392cbc0ec
21acad604e3bfeb9b69eb8a12247f489ea71ed7d0abf5a1f92d81b857ebdffef
25d58741c9756f82bc774208b736656b97fcb0d6e7ee3b6ca08428bbca8db99c
2acb0a904076126d6fba794c196909aa4576bc2640f0556c330aec13271c37de
2e4f4b5e28eb5c480453a9d0da56e8e362ad131d03c1d9f6df75a42f922248e0
311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551
3253d05baa3480d6499a9d2c2829bdf8859a8fe6c86dbfe4ebadf339e5916053
32abc57197cc519d1223910b086f135403cf9baacd254636f4683429fb94c1db
3f629b212b22a491f381e89a27fd489b73531624d589844109e1c5658a738b02
424590b75dbcb2db545171be28d569b249db105a6a460a76cb6197c4593164c3
492ce983716b504d4e93b5d21ab56b8d1f331978999ebe38b54dd27be0105944
49ebe349c2c458627cce35fbd060ad849e4f9ef57c2844c2865402fe12197cee
524f7012ea7217df051e8042ff00723fa9e9d07d96153d33127343aed829a89e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57f33a8715e8471ae0ba0666b94e59bb3f7c079d17b16ae12b55db715980ce55
630e1f9afa37c28c38cd07af567ee062c109e0c20b1f494af8624771636e36de
6513ceeef1c58acf629ee087d0ade562e42d1c5f8be81258311356bea9805718
65a645f584e1c19332c7c5a5749a2ae49b89c1bb05d1e3135486ee90fa04c002
6634e5f3d095b1756a466564b7b722ecc40f7287ca213d4e5ad9988b741f617c
6863b10a903ae2b61a2be4ca8c3858e5b790baae8242b20c12a72b1efcdeaa1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfcdf3cfdc7b8e9094130b000e23336b8b6a37a445809ebf9ad70e9bc1012a7
73ef1c9950170c243378cba93b0230b0748f36432f6f05ef1bdc3188b79a84df
7727cd8e2cbae8f8ec81ed7f61a7f09b166368a964f356588b2ee34e90312b57
79d3210a6b0f9c35d57ca7c21f9211f6da6cc9445dbe7e469ac6810606ae30d5
7bc4e832852d8b792ee7f62266c33baf80cd98558b5d792c3ebcbdffde8af506
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
808859f62792c7c0882b959029db50b0addbf37986643059f419d0ed535d1689
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8993e27d5892ca18b31db8da478ac4a223407e7debffcbeffd2db50d8c1b3e25
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8ba5bbe155ecb6f2c7841363d52038e29cd7d9ba549ef83e5d7b700a3a51dfb9
8fc1b6860e6491b94e00ece32471a475b26f0ea5b544e72ae827db145d1cc898
91105ad1c4a2d8f873227bb7f4215e05ef982b9fe1a02d62dc4f23ccf8c78cbd
91aff3588efba0074124bbd204b45de0da882a853f29a1d73f7ec132291c5651
96f6cb68d1e3c236ca11ef3d0432df6d836a7d9be3c96d41c6d920f65d485791
9985417412504a98a52c7b178e9ead533c7a179637ea930a5399c9ef593ae50c
99cd7445d060a7d021cf737a2304eb40ee117cd36bf311eedbab54d7f4dde744
a2cba06da7fe7ee47591d46d8bfd2dfda415e9cea09aa33a901f027d381430a9
a45a89a6c73aed50bd56b6d31374f39778c1006d883c0de36a79e2111659a050
a560a6c09b84eaf06c0d214cceeaf19d914c31e76b6cea75e3b0de8ee1f9f7cf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe175831281f4de4d3d86c8be4dbfcc72d847243cbf626722e144081908e40b
ad8f4a00316a8558f67aa16a212a79a8ac8a58a6965cab24de30a61983069c47
aed3bb1b0d043b3b17e8cb226b76e02f8d59dc97ad603febc3f63558fc7de54a
afb434269dc377b3737e4af82f3f61170895eb1b7944d50bcfa10bf1423f2256
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
b5fdd89184ab4556c1f63eb4abab4148afdc26385f97d87e6dc2eafdb3f8fc1a
b84ff59b63bcd83e7351e86483576ac9024194433c63be01dc7e1f4b62ce0003
c35e956d1ae6c3bc7eec4618b3141f6502328d6f070190a5eba6d24d7ec689ec
c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b
c46a6d1b725899f6cab0511e678a97c0aa18d623cc51a0243d5db0ed99b9054e
c95e75ef1afc18beef6186eceb5f4d56b051bb1e2f5d01782b4624797c0fc235
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc12aa32760c7faeb0e9a4fdde62861c7f308be0f53370e917a2695da17d82ee
ccfcda8d39daab743e6592c2ddc30ec757efae437407a90aa2ee8bc6fe81a9f0
cf5e2404b20d09595a5faa6e8c96a2afe0e2453ce5a4df023d7149d036ebe007
d17cef1fae094aef7c11a26b185718aa8da8c464edc18db8dd0293ec6ce04815
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
ddc26e444dda9c7c21789755cb7bf00990d3f1299fbec94ce999e29be6a6ed2a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53282a0bc9f3c4d58929e0d304f105d1b705dddfc626069c4285f12dd3d9a3a
ed8371749d588fd1d79b2fb2bc47f747fefff7b31d473d198973e5bdbbbef357
f2076a4682a514378b685990322026d78220fe75e367f4d35083ee8880d0ff7f
f7a11f957ddb62205fab899382ddf5970c750076224693568a3d3ab2a372a2cb
f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215
fb13b7f187c5278d7eedb6c6276658bfab1cb842cd4b1413d449613589babf30

content-moderation15.higherincomejobs.com Open in urlscan Pro 54.234.58.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

97 %HTTPS

33 %IPv6

28 Domains

41 Subdomains

39 IPs

3 Countries

2175 kBTransfer

5814 kBSize

49 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

content-moderation15.higherincomejobs.com Open in urlscan Pro
54.234.58.86 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

97 %
HTTPS

33 %
IPv6

28
Domains

41
Subdomains

39
IPs

3
Countries

2175 kB
Transfer

5814 kB
Size

49
Cookies

107 HTTP transactions
0 data transactions