urlscan.io logo urlscan.io
SecurityTrails logo

wcw-dinheiroonline.sa.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://wcw-dinheiroonline.sa.com/
Submission: On August 05 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wcw-dinheiroonline.sa.com.
TLS certificate: Issued by E1 on August 5th 2022. Valid for: 3 months.
This is the only time wcw-dinheiroonline.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 9 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 34.199.205.33 14618 (AMAZON-AES)
10 13.32.99.51 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 172.217.16.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.84.22.197 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 143.204.215.6 ()
38 15
9    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
wcw-dinheiroonline.sa.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    34.199.205.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-205-33.compute-1.amazonaws.com
www.virtualvocations.com
10    13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net
staticblog.virtualvocations.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:27::cafe:2250 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
f.clarity.ms
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    143.204.215.6 (None, )

ASN- ()
beacon-v2.helpscout.net
Apex Domain
Subdomains		 Transfer
17 virtualvocations.com
www.virtualvocations.com — Cisco Umbrella Rank: 847926
staticblog.virtualvocations.com
281 KB
9 sa.com
wcw-dinheiroonline.sa.com
131 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
f.clarity.ms — Cisco Umbrella Rank: 5359
c.clarity.ms — Cisco Umbrella Rank: 996
26 KB
4 helpscout.net
beacon-v2.helpscout.net
136 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 195
554 B
1 google.nl
www.google.nl — Cisco Umbrella Rank: 8761
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
548 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
45 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
0 cloudfront.net Failed
d3hb14vkzrxvla.cloudfront.net Failed
38 13
Domain Requested by
10 staticblog.virtualvocations.com wcw-dinheiroonline.sa.com
9 wcw-dinheiroonline.sa.com 6 redirects wcw-dinheiroonline.sa.com
7 www.virtualvocations.com wcw-dinheiroonline.sa.com
4 beacon-v2.helpscout.net wcw-dinheiroonline.sa.com
beacon-v2.helpscout.net
2 c.clarity.ms 1 redirects
2 f.clarity.ms www.clarity.ms
2 www.clarity.ms wcw-dinheiroonline.sa.com
www.clarity.ms
1 c.bing.com 1 redirects
1 www.google.nl wcw-dinheiroonline.sa.com
1 www.google.com wcw-dinheiroonline.sa.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.google-analytics.com wcw-dinheiroonline.sa.com
1 www.googletagmanager.com wcw-dinheiroonline.sa.com
1 fonts.googleapis.com wcw-dinheiroonline.sa.com
0 d3hb14vkzrxvla.cloudfront.net Failed beacon-v2.helpscout.net
38 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.pinterest.com
www.youtube.com
www.linkedin.com
Subject Issuer Validity Valid
*.wcw-dinheiroonline.sa.com
E1		 2022-08-05 -
2022-11-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.virtualvocations.com
Amazon		 2022-06-10 -
2023-07-09		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.helpscout.net
Amazon		 2022-04-18 -
2023-05-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wcw-dinheiroonline.sa.com/
Frame ID: 50CE5BA0B0F2FA0D566F03A569895020
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Remote and Work from Home Jobs - Virtual Vocations

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

38
Requests

76 %
HTTPS

60 %
IPv6

13
Domains

16
Subdomains

15
IPs

3
Countries

654 kB
Transfer

1609 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://wcw-dinheiroonline.sa.com/?images/logo-orange.png HTTP 302
  • https://www.virtualvocations.com/images/logo-orange.png
Request Chain 4
  • https://wcw-dinheiroonline.sa.com/?images/VVlogo.png HTTP 302
  • https://www.virtualvocations.com/images/VVlogo.png
Request Chain 15
  • https://wcw-dinheiroonline.sa.com/?images/bbb.png HTTP 302
  • https://www.virtualvocations.com/images/bbb.png
Request Chain 16
  • https://wcw-dinheiroonline.sa.com/?javascript/manifest.js?v=1659463926 HTTP 302
  • https://www.virtualvocations.com/javascript/manifest.js?v=1659463926
Request Chain 17
  • https://wcw-dinheiroonline.sa.com/?javascript/vendor.js?v=1659463926 HTTP 302
  • https://www.virtualvocations.com/javascript/vendor.js?v=1659463926
Request Chain 18
  • https://wcw-dinheiroonline.sa.com/?javascript/app.js?v=1659559177 HTTP 302
  • https://www.virtualvocations.com/javascript/app.js?v=1659559177
Request Chain 29
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&RedC=c.clarity.ms&MXFR=1F1746EAA1DD6EEC1064571DA5DD6036 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&MUID=22252EDC841269BA236A3F2B85D2689E

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wcw-dinheiroonline.sa.com/ 		32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d193b76668586edf215f9e8e5c54aace3570281cf4ed42491722707f008bbf8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7362eca9c890b7af-AMS
content-encoding
br
content-type
text/html;charset=utf-8
date
Fri, 05 Aug 2022 22:21:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tab2FgOlh7vGNl%2BOfCUFHM2UQTaWyUFixaHQUJBI%2FYAar2%2BhIm0GFB82iV90OO%2BMBuYdTvBoHJ0m4%2BXCD9iEcoBm3FqcO7NkxE3yshswiYev2a%2BgC4qn9GZHAUM6C4RDNS5BN2hDe38rvA9aBfJjMaVkaIr1Bh7m"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		10 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,italic,700,500
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84f50cac5405718c078c373d40b0792d515c03e0221e9ec467d8570fde0b3841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wcw-dinheiroonline.sa.com/
Origin
https://wcw-dinheiroonline.sa.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Aug 2022 22:21:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 05 Aug 2022 22:21:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Aug 2022 22:21:13 GMT
/
wcw-dinheiroonline.sa.com/ 		251 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wcw-dinheiroonline.sa.com/?css/style.css?v=1659464322
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b295eaed81915b9913f94652f02b2766154d700684933755e8f34643e083f94e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BKoMplP9Y%2FqQCbPXJOx%2F97JqABAdQhy33sN%2BsUFnvWVwfJxCHYKnqzbbrukV%2Fl5YSt7PDHPA9w%2FQ9819WQd%2FtaxF8PWWeJUGjHVNl08qvjhlmNlDiNGJFTsA3u17PGfUzu2AbNKnF1jlkcFldu8VkH%2BSF6rgxOh"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecaf1ff0b7af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-969820426
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2a0334b75637de3adbeb3ab166efdabca636a9a9de2983b9cfbbc2a8482862c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45570
x-xss-protection
0
last-modified
Fri, 05 Aug 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Aug 2022 22:21:15 GMT
logo-orange.png
www.virtualvocations.com/images/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?images/logo-orange.png
  • https://www.virtualvocations.com/images/logo-orange.png
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.virtualvocations.com/images/logo-orange.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
34adff152b743bf1365a388901503e733d92e9584a8d762caf2e0c37907f6e1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
last-modified
Tue, 21 Feb 2017 17:36:59 GMT
server
nginx
etag
"58ac7abb-6050"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
24656
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKzfgAcSrIM3M5P15ky%2BjEpXLJxVzp54S%2Fnv9bSGM00Lj3UZqiAXYN0BWCrkoNSg1TxNE3MxLVYSdlVishV0VIgzMLGinR1vewPMt%2Bwi0MfxcZ6yjGBaIUwYjyzFKiwmPDG%2FkvbLrSWhQztthS%2FapkvXkKBWHQKI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://www.virtualvocations.com/images/logo-orange.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb89b95b773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
VVlogo.png
www.virtualvocations.com/images/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?images/VVlogo.png
  • https://www.virtualvocations.com/images/VVlogo.png
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.virtualvocations.com/images/VVlogo.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe6fd081cc3dbb8f888560af24d42caa31d8e226805c4f2d2147ea7cb082fa7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
last-modified
Wed, 22 Apr 2020 00:14:41 GMT
server
nginx
etag
"5e9f8c71-5aa1"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
23201
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWxBaFkyAygAIs8pxgKwOivbPiNUTOwr9HFWqw35UsM17sIJ%2FLNumEyUWV%2F3nYQu4L8pPy5QszwhpAvH83cKc9BW57ZNMGs6B756Cn0496rdxC5VsmLSkDkPbV9KVgJMLsu7QfdVM3JUn9QiepenhVeC%2FHpsY3VE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://www.virtualvocations.com/images/VVlogo.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb89b98b773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
HowToManageaSideHustleWhileWorkingFullTime28129-80x80.png
staticblog.virtualvocations.com/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/08/HowToManageaSideHustleWhileWorkingFullTime28129-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2817b1a11ab709e92c01bc9f280c6845922d19cc2ac2fc6d020765d88fa1acdd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:41:09 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 02:59:24 GMT
server
AmazonS3
age
34807
etag
"66b69c21defc5490a192a21d8078fe88"
x-cache
Hit from cloudfront
x-amz-version-id
LuwvSGmMLgJmjR7ZmMdu6A08FBY9jSBU
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
8583
x-amz-cf-id
2pBNol-COUmAXJhNXW8cx32N4Wyz6PEAnO22v_ZqG7dM2zHnYTwToA==
VirtualVocations_2022_AugustEmployerPartnerAlert_FeaturedImage_2298x978-80x80.png
staticblog.virtualvocations.com/2022/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/08/VirtualVocations_2022_AugustEmployerPartnerAlert_FeaturedImage_2298x978-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f2b53a0d55a1190985d996cc980f811efce293d7e98eb85a22c083ec7eebee9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 12:36:50 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 05:05:20 GMT
server
AmazonS3
age
207866
etag
"5eba7f7b5c8017bfc59c95e3ee01649b"
x-cache
Hit from cloudfront
x-amz-version-id
oI45lHHf7K7LTMCmvqj9z_Ccc05EwFqZ
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
9366
x-amz-cf-id
Zh3wZ1tVDuxOudV9h-erkeICeOZPUW5YHuCHcuI1ByLsxgHfFq98Tg==
RemoteVeterinaryJobsWhatTheyAre26WheretoFindThem-80x80.png
staticblog.virtualvocations.com/2022/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/RemoteVeterinaryJobsWhatTheyAre26WheretoFindThem-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f0cbca90baa25b36bcd34487f0b3713684c69dd8f0db651095783ae8148f6c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 12:32:28 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jul 2022 12:50:17 GMT
server
AmazonS3
age
726528
etag
"f8f186d1e142f0653f9ec2348e7f8f1a"
x-cache
Hit from cloudfront
x-amz-version-id
LpogCHrdnxmPqLSMC3EJF._cAtsfSK9h
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
10136
x-amz-cf-id
V-nhACC3a4fyE9dW-fivGKUxWjcX9IGqTMhJZi-4Mqho4aplq2rMFg==
4ReasonsWhyRemoteWorkWillBetheNewNormalforEnterprises-80x80.png
staticblog.virtualvocations.com/2022/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/4ReasonsWhyRemoteWorkWillBetheNewNormalforEnterprises-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a3daf6fc7c3944b44445d0a95244f19c3f078ec0ab9e083c93b820f7b64b4d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 12:49:37 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jul 2022 06:27:11 GMT
server
AmazonS3
age
898298
etag
"d1318641309b2baca9152213df94f02a"
x-cache
Hit from cloudfront
x-amz-version-id
yXhve0Qx9Q9tDdkmDe8Bj6m0AE_HYOHh
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
8133
x-amz-cf-id
GuPoijxw-IpoGUwEeP-GtWIKwU6y8_m6TByr2k9dOujNFCxsq0rEcw==
YourCompleteGuidetoRemoteNursePractitionerJobs-80x80.png
staticblog.virtualvocations.com/2022/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/YourCompleteGuidetoRemoteNursePractitionerJobs-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b19855884913d8b8e8883fd7ce1d4483fb4bc75cec727e09cac78583a33b025

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:31:37 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 05:38:18 GMT
server
AmazonS3
age
1244979
etag
"06cc3f7a1ec790f7d5de0f9646acb8ba"
x-cache
Hit from cloudfront
x-amz-version-id
Q62xB77XZWu8SbQiwL09QVFNwUavD5vJ
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
10258
x-amz-cf-id
5y0_CfArCuv_5gYgFmYNbEIsiE8a3etTb4Wc8iTL-xUeN1fxXzDm7Q==
6BestRemoteJobsforCollegeStudents-80x80.png
staticblog.virtualvocations.com/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/08/6BestRemoteJobsforCollegeStudents-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4adde841d6d2afc4c415621e90e16c0fd96c2334309026a4c9149dab216986ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 12:57:45 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 02:37:08 GMT
server
AmazonS3
age
120211
etag
"c88be28a9bbddf72fa52ad1c0caf8cad"
x-cache
Hit from cloudfront
x-amz-version-id
FTq5CNviiVhm0Fsd2NjeIvWp71r5BK4U
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
8150
x-amz-cf-id
S3yErxY115ZFlWFBRqUhQc9Z_WKAnLz5nQuWPPdqGhWeXvjIgBQ8Rw==
VirtualVocations_FullyRemoteJobIndustries_Top20for2022_FeaturedImage-2298x978-1-80x80.png
staticblog.virtualvocations.com/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/08/VirtualVocations_FullyRemoteJobIndustries_Top20for2022_FeaturedImage-2298x978-1-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8ede9eee67fc5261270d57f05feb9bfe7c3bc8eb97362374b8b945c5b71dc0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 01:53:31 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 21:44:38 GMT
server
AmazonS3
age
332865
etag
"c5983f2607ae53219ae708e23480d66f"
x-cache
Hit from cloudfront
x-amz-version-id
zZfEKaN1Ah4QQq_KTXzD0GvwJgkqTg.a
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
10084
x-amz-cf-id
xURlU_EpQfY-EDfnJJS_IJkXOHEmfsrM_x2uLCiF08Yf1PfQ0yxnEw==
VirtualVocations_2022_JulyEmployerPartnerAlert_FeaturedImage_2298x978-80x80.png
staticblog.virtualvocations.com/2022/07/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/VirtualVocations_2022_JulyEmployerPartnerAlert_FeaturedImage_2298x978-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7601ca5745aed4e59cecfd0fc95761d23af5be9258eb0f55a69c60f07272276e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 05:54:01 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 05:53:24 GMT
server
AmazonS3
age
2651235
etag
"17bb842d6f8a7fe41cbd2744801c3399"
x-cache
Hit from cloudfront
x-amz-version-id
YxmsUI59jDzwd_zAGVbyfROpXUXmMW3h
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
10395
x-amz-cf-id
faCvIhI2hNQlA_0CVShIdr24N1mORhcKZyH7Vwy9walVKmEeacR5Bw==
The8BestOnlineCollaborationToolsforCompanieswithRemoteWorkers-80x80.png
staticblog.virtualvocations.com/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/The8BestOnlineCollaborationToolsforCompanieswithRemoteWorkers-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eba055f8fee33ce5ed794ce6857521b151b1b8c2588b45684f66aa3ea8725f37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 12:37:10 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 05:58:24 GMT
server
AmazonS3
age
985445
etag
"aa121423fa53dfc16d8420a357fa76ec"
x-cache
Hit from cloudfront
x-amz-version-id
ux8aXwNCuGI_sJJQGlAJ1NmHQF64E8Mj
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
11357
x-amz-cf-id
-PpiW5ghTIQFpk1y_tX1v9uGgCR5X4QU2jbkEIhR3VGdP2T5AiIOWg==
HowVideoTechnologyIsShapingtheWorkplaceoftheFuture-80x80.png
staticblog.virtualvocations.com/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticblog.virtualvocations.com/2022/07/HowVideoTechnologyIsShapingtheWorkplaceoftheFuture-80x80.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
855e27bd265078221e6dca9688f04fdae7676a5507cb99ad53c6f73f6168e1d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 04:39:13 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 04:38:42 GMT
server
AmazonS3
age
1532523
etag
"6afd9a7e097d776a4d03054ba76f8beb"
x-cache
Hit from cloudfront
x-amz-version-id
eCNjUjkfWUnRz.X8qvYRNvqiiQjhaYcU
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
11001
x-amz-cf-id
etwZ6NrigPHuOeaQfD-i_0X_wUGuyR9g2rgwewDhZWwPoe2s278fpA==
bbb.png
www.virtualvocations.com/images/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?images/bbb.png
  • https://www.virtualvocations.com/images/bbb.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.virtualvocations.com/images/bbb.png
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0ad65e9d7126b253bb53eabbf3fd469dd0fb94d47522afbe4d184bbb7359e727
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
last-modified
Wed, 04 Nov 2015 23:09:02 GMT
server
nginx
etag
"563a900e-4e6"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1254
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGMDk6b%2BkdUsL1OBpPWh%2BvFFC5n68rg7HJ6JFQzVAobsTXQtoazyrZlLATdbkt1%2BBpFPKLXfmLFFMg6DLcUvSItC7tIikBDI%2BLfQTaNuG0x8G0ttAp%2FgpOtFktP6kkczCpLgYotxldAwIzcRF7jOq7YorI1aTn%2B7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg; charset=UTF-8
location
https://www.virtualvocations.com/images/bbb.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb89b9bb773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
manifest.js
www.virtualvocations.com/javascript/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?javascript/manifest.js?v=1659463926
  • https://www.virtualvocations.com/javascript/manifest.js?v=1659463926
984 B
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.virtualvocations.com/javascript/manifest.js?v=1659463926
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7f4019616ffd19ff9e531bc12130f182dd01d241c0661ab14cd2dc46bfef817b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 02 Aug 2022 18:12:06 GMT
server
nginx
etag
W/"62e968f6-3d8"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i28kiummVuvY9Uyoof7y0VjMAad6%2BFS0191eWbwxAyCsmwE%2FBYWkIMMkJoba%2B1L5YMFJjktY7ZrNytaW4tbmeax5WGiIksvbrniua46CJQHLZEpZqC3U%2FR%2FikJq5a7dDfwec9ZRxw7wEu%2FQsOev9%2BpHMuWvMn5n0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://www.virtualvocations.com/javascript/manifest.js?v=1659463926
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecafee8bb773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
vendor.js
www.virtualvocations.com/javascript/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?javascript/vendor.js?v=1659463926
  • https://www.virtualvocations.com/javascript/vendor.js?v=1659463926
140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.virtualvocations.com/javascript/vendor.js?v=1659463926
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
25458838160273154104dd14fe55570ce506e429c5c03901015c1c14130eb8f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 02 Aug 2022 18:12:06 GMT
server
nginx
etag
W/"62e968f6-22ebf"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpXcbYkFIvJO5JWvRRaQtg2S3%2FhtgURgVwhl4j1SQTLPyfp2prbLgThj1qLfWfrXTfzZHPqtz5Jaxq4SbS7dl7sP8o9puRX9qb4%2F8s5tYVDW1PfdRZFiwBp3UCQLz82qwcV2DCJqZdENCUcX78FPSCG1kpemV6V2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://www.virtualvocations.com/javascript/vendor.js?v=1659463926
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb88b74b773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
app.js
www.virtualvocations.com/javascript/
Redirect Chain
  • https://wcw-dinheiroonline.sa.com/?javascript/app.js?v=1659559177
  • https://www.virtualvocations.com/javascript/app.js?v=1659559177
265 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.virtualvocations.com/javascript/app.js?v=1659559177
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c5303ede6ed1c095df8a7e31d9074970828e81174d8747f6ae9617f9580dd1de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Aug 2022 20:39:37 GMT
server
nginx
etag
W/"62eadd09-425d9"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pW3x2J7tozTwmCZrKpl770OVwAXZ2bQsetBPE9gyISxWFhFP02GEa1X54CAamlTQ4%2FWsgsNGOnFVh%2FVPcZInGCrw%2BgEVgmq67G%2F7TVHInH5cnySpteiG9wy4Hc7S6t%2B3edogAjYj7gQ7%2F6mbpeKeYFUQh8dj40c"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
location
https://www.virtualvocations.com/javascript/app.js?v=1659559177
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb89b90b773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4755
date
Fri, 05 Aug 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 05 Aug 2022 23:02:00 GMT
4ne0ftkk9z
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/4ne0ftkk9z
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
23c13fbd4faaf34ea69244b239c23362f8a1513e52a75f5a0619a70fe840c543

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:14 GMT
x-powered-by
ASP.NET
x-azure-ref
025ftYgAAAADyoAK7QD+hTIriqkpSmID6QlJVMzBFREdFMDcxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length
1730
expires
-1
/
wcw-dinheiroonline.sa.com/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wcw-dinheiroonline.sa.com/?css/fonts/fontawesome-webfont.woff2
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/?css/style.css?v=1659464322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://wcw-dinheiroonline.sa.com/?css/style.css?v=1659464322
Origin
https://wcw-dinheiroonline.sa.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPhFrfh1SE0oe3NI%2Bvxk25p7Epo0CL5xLdEXkuHNM1e%2BazrjSmgjg32RT9b24DX%2FlEOGiHt5MI8tCWqbdeFXfqlOeohsw%2FT%2FlMB%2BZ2066cvNM0y7aBMVaLI6SzIVz77KaX%2BpPPVUSrRpT%2FxZ7BqJMWUcF8UYbxty"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7362ecb89b9db773-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-969820426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 22:21:15 GMT
clarity.js
www.clarity.ms/eus-b/s/0.6.37/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4ne0ftkk9z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:14 GMT
content-encoding
br
etag
"1d8a82be9612196"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
025ftYgAAAACe6mbzQ1wQTLUT36cfp4bbQlJVMzBFREdFMDcxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
content-length
23115
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/969820426/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969820426/?random=1659738075299&cv=9&fst=1659738075299&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwcw-dinheiroonline.sa.com%2F&tiba=Best%20Remote%20and%20Work%20from%20Home%20Jobs%20-%20Virtual%20Vocations&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecf95f8d509d0d812662c654b66bddcdec041ea428745c6d979ee3c3de1c5cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/969820426/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/969820426/?random=1659738075299&cv=9&fst=1659736800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwcw-dinheiroonline.sa.com%2F&tiba=Best%20Remote%20and%20Work%20from%20Home%20Jobs%20-%20Virtual%20Vocations&async=1&fmt=3&is_vtc=1&random=4166704040&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/969820426/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/969820426/?random=1659738075299&cv=9&fst=1659736800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwcw-dinheiroonline.sa.com%2F&tiba=Best%20Remote%20and%20Work%20from%20Home%20Jobs%20-%20Virtual%20Vocations&async=1&fmt=3&is_vtc=1&random=4166704040&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
f.clarity.ms/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wcw-dinheiroonline.sa.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://wcw-dinheiroonline.sa.com
date
Fri, 05 Aug 2022 22:21:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
www.virtualvocations.com/ajax/m/ 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.virtualvocations.com/ajax/m/?h=wcw-dinheiroonline.sa.com
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.205.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-205-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:21:16 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/html; charset=utf-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&RedC=c.clarity.ms&MXFR=1F1746EAA1DD6EEC1064571DA5DD6036
  • https://c.clarity.ms/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&MUID=22252EDC841269BA236A3F2B85D2689E
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&MUID=22252EDC841269BA236A3F2B85D2689E
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:16 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 22:21:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF69419A307248B8B0EAA7514AAA3E15 Ref B: DUS30EDGE0411 Ref C: 2022-08-05T22:21:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F44D7191B3CC4227BC2230808646F1D9&MUID=22252EDC841269BA236A3F2B85D2689E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wcw-dinheiroonline.sa.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://wcw-dinheiroonline.sa.com
date
Fri, 05 Aug 2022 22:21:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
beacon-v2.helpscout.net/ 		458 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: wcw-dinheiroonline.sa.com
URL: https://wcw-dinheiroonline.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3057e167c3382f3eb1d0b49d3d6b488f3675e8bfde012c605b221688b7410159

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 22:20:40 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 08:13:59 GMT
server
AmazonS3
age
41
etag
"9cfc5c868f4fac34ebb6c444f57527b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
327
x-amz-cf-id
udoUCAg1eajQB4dw-_Ft-LNKvva93lV712XATxaDVORyq41hFrAqhA==
vendor.77ef1239.js
beacon-v2.helpscout.net/static/js/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.77ef1239.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
058cf8f6e1cec7a6831c7e51545b1f057691f0a5de723d8e6dc546e17b3606b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 20:50:42 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 08:14:00 GMT
server
AmazonS3
age
5441
etag
"521c33c638bf89f2f413302327b1c14d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
22839
x-amz-cf-id
5Ef2k6RwNrX-SM65y_2Pl70xQdx8_8Gb-nEaeJPqTa-EBqO0jhZaOg==
main.bb00abed.js
beacon-v2.helpscout.net/static/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.bb00abed.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c43d6f696572a6b0306c3ef8c601b99bff8fd0144be90861af3cad71753b880f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 20:50:42 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 08:14:00 GMT
server
AmazonS3
age
5441
etag
"82afea605cf448411f83002878e530da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
9663
x-amz-cf-id
ZkcWYC9MWhSrpR5PHaAsQc7sI88V5c1-C8p3g71BN8Da7zXLjDkhGw==
full-beacon-init.2b21a23d.chunk.js
beacon-v2.helpscout.net/static/js/ 		342 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/full-beacon-init.2b21a23d.chunk.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/main.bb00abed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c305ca35031a967aa1404b488a2151825a11e26c2e5d6f09b4ea5fd8dadc08e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wcw-dinheiroonline.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 20:50:49 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 08:14:00 GMT
server
AmazonS3
age
5440
etag
"90afbb931e34912bf58fe4fa08fdc35a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
104787
x-amz-cf-id
cuN0382WriGsh2_gFb3EJ5HJb3QjzY3xSHDseR93CawkzDnyhQ7LuQ==
6749225f-a028-498c-8ff9-7069f15e0349
d3hb14vkzrxvla.cloudfront.net/v1/ 		0
0
6749225f-a028-498c-8ff9-7069f15e0349
d3hb14vkzrxvla.cloudfront.net/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3hb14vkzrxvla.cloudfront.net
URL
https://d3hb14vkzrxvla.cloudfront.net/v1/6749225f-a028-498c-8ff9-7069f15e0349
Domain
d3hb14vkzrxvla.cloudfront.net
URL
https://d3hb14vkzrxvla.cloudfront.net/v1/6749225f-a028-498c-8ff9-7069f15e0349

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| V_PATH string| GoogleAnalyticsObject function| ga function| clarity function| gtag object| dataLayer function| f1335 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| webpackChunk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| $ function| jQuery number| uidEvent boolean| __VUE__ object| _0x3cd8 function| _0x31aa

10 Cookies

Domain/Path Name / Value
wcw-dinheiroonline.sa.com/ Name: PHPSESSID
Value: 9c6sqqflvk9jnv0a6pmivjmf04
.wcw-dinheiroonline.sa.com/ Name: _gcl_au
Value: 1.1.1556409769.1659738075
www.clarity.ms/ Name: CLID
Value: 6952064d5e3741c78db6bc464633ce00.20220805.20230805
.wcw-dinheiroonline.sa.com/ Name: _clck
Value: kvsux9|1|f3r|0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.wcw-dinheiroonline.sa.com/ Name: _clsk
Value: 3yb3b8|1659738075858|1|1|f.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 22252EDC841269BA236A3F2B85D2689E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 22252EDC841269BA236A3F2B85D2689E
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
javascript warning URL: https://wcw-dinheiroonline.sa.com/
Message:
The resource https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,italic,700,500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
c.bing.com
c.clarity.ms
d3hb14vkzrxvla.cloudfront.net
f.clarity.ms
fonts.googleapis.com
googleads.g.doubleclick.net
staticblog.virtualvocations.com
wcw-dinheiroonline.sa.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.virtualvocations.com
d3hb14vkzrxvla.cloudfront.net
13.32.99.51
143.204.215.6
172.217.16.194
20.234.93.27
20.84.22.197
2620:1ec:27::cafe:2250
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a06:98c1:3120::3
34.199.205.33
058cf8f6e1cec7a6831c7e51545b1f057691f0a5de723d8e6dc546e17b3606b5
0ad65e9d7126b253bb53eabbf3fd469dd0fb94d47522afbe4d184bbb7359e727
0f0cbca90baa25b36bcd34487f0b3713684c69dd8f0db651095783ae8148f6c4
1b19855884913d8b8e8883fd7ce1d4483fb4bc75cec727e09cac78583a33b025
1f2b53a0d55a1190985d996cc980f811efce293d7e98eb85a22c083ec7eebee9
23c13fbd4faaf34ea69244b239c23362f8a1513e52a75f5a0619a70fe840c543
25458838160273154104dd14fe55570ce506e429c5c03901015c1c14130eb8f8
2817b1a11ab709e92c01bc9f280c6845922d19cc2ac2fc6d020765d88fa1acdd
2a3daf6fc7c3944b44445d0a95244f19c3f078ec0ab9e083c93b820f7b64b4d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3057e167c3382f3eb1d0b49d3d6b488f3675e8bfde012c605b221688b7410159
34adff152b743bf1365a388901503e733d92e9584a8d762caf2e0c37907f6e1b
4adde841d6d2afc4c415621e90e16c0fd96c2334309026a4c9149dab216986ff
7601ca5745aed4e59cecfd0fc95761d23af5be9258eb0f55a69c60f07272276e
7f4019616ffd19ff9e531bc12130f182dd01d241c0661ab14cd2dc46bfef817b
84f50cac5405718c078c373d40b0792d515c03e0221e9ec467d8570fde0b3841
855e27bd265078221e6dca9688f04fdae7676a5507cb99ad53c6f73f6168e1d8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a0334b75637de3adbeb3ab166efdabca636a9a9de2983b9cfbbc2a8482862c
b295eaed81915b9913f94652f02b2766154d700684933755e8f34643e083f94e
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
c305ca35031a967aa1404b488a2151825a11e26c2e5d6f09b4ea5fd8dadc08e0
c43d6f696572a6b0306c3ef8c601b99bff8fd0144be90861af3cad71753b880f
c5303ede6ed1c095df8a7e31d9074970828e81174d8747f6ae9617f9580dd1de
d193b76668586edf215f9e8e5c54aace3570281cf4ed42491722707f008bbf8e
d8ede9eee67fc5261270d57f05feb9bfe7c3bc8eb97362374b8b945c5b71dc0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba055f8fee33ce5ed794ce6857521b151b1b8c2588b45684f66aa3ea8725f37
ecf95f8d509d0d812662c654b66bddcdec041ea428745c6d979ee3c3de1c5cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe6fd081cc3dbb8f888560af24d42caa31d8e226805c4f2d2147ea7cb082fa7d