urlscan.io logo urlscan.io
SecurityTrails logo

salaryoption1.com Open in urlscan Pro
104.21.92.44  Public Scan

Go To Rescan Add Verdict Report
URL: http://salaryoption1.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On November 17 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.21.92.44, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is salaryoption1.com.
This is the only time salaryoption1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 104.21.92.44 13335 (CLOUDFLAR...)
2 192.99.104.202 16276 (OVH)
1 3 34.96.102.137 396982 (GOOGLE-CL...)
1 216.58.212.138 15169 (GOOGLE)
15 5
Apex Domain
Subdomains		 Transfer
10 salaryoption1.com
salaryoption1.com
120 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4805
2 KB
2 afsanalytics.com
www8.afsanalytics.com
2 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
93 KB
15 4
Domain Requested by
10 salaryoption1.com salaryoption1.com
3 dev.visualwebsiteoptimizer.com 1 redirects salaryoption1.com
2 www8.afsanalytics.com salaryoption1.com
1 ajax.googleapis.com salaryoption1.com
15 4

This site contains links to these domains. Also see Links.

Domain
new.afsanalytics.com
Subject Issuer Validity Valid
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh

This page contains 1 frames:

Primary Page: http://salaryoption1.com/
Frame ID: 4FA5B1B8B317E592061A3CDF68073D01
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Work At Home Special Report!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

7 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

216 kB
Transfer

248 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228 HTTP 301
  • https://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
salaryoption1.com/ 		46 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
57805d23183d2c34aada0d80a65f26d473baae351ab0ea78422174399d2e4d20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
76b6c3187ddf2498-KBP
Cache-Control
no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Nov 2022 07:30:37 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1aZDVhcmYUcMJvzRb0eijHuiy%2B1X0pcr1MFlYEIDeb%2BYr2vcMbIV0Zb0ujbvWTbhSCWJkwWpTymyRJDo%2BbxcD7DsXjqK4JzW8fLBw%2BHXPwVHfkO6Vp2DcXnqkO4P%2BjVJqbPMA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
X-Mod-Pagespeed
1.13.35.2-0
X-Powered-By
PHP/7.4.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
A.biz_style.css.pagespeed.cf.n1lQWzJ1nz.css
salaryoption1.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://salaryoption1.com/A.biz_style.css.pagespeed.cf.n1lQWzJ1nz.css
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8111c59f66cc383add6204f420c8477bcc3f7f17c5719a3d473b2fd5d35ed0a7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:37 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
8781
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29103
Cf-Polished
origSize=7126
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 16 Nov 2022 23:25:34 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWgUhYHQJnkVX8JK%2Bwd7iUqENTHrDIJgR%2BFDh%2ByFts2%2B%2Ban1YV1EoHl%2B%2FGQWHRtKjwZt0Eo8Jrm3pRRh9ktQ9rFwN%2BDSnC%2B%2F2lwqHj0OeLmLvxrxvmFIPQbjIVMrzrmzDIyhHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=31536000
CF-RAY
76b6c31b3bcd2479-KBP
Expires
Thu, 16 Nov 2023 23:25:34 GMT
xcfr_header.jpg.pagespeed.ic.jZgyjY_oU1.webp
salaryoption1.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xcfr_header.jpg.pagespeed.ic.jZgyjY_oU1.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22004f3c99b6ccc0506826d127420a561894267a1db7f2009c4d0b8bcbcdda5e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
58621
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29104
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
11995
Last-Modified
Wed, 16 Nov 2022 23:25:34 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtvOOD0G2zqq4rfc7egCpThs02i7ec5tpi0WPijVL3A0PS7aHmCXST2VRdxnv1sGHvjVch%2FTcE%2FPIDCJ%2Fn%2F5DljKySG7b7r4mnikW7zO80mfqUmldVWdNb3GoHxIPhR15pZyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31bcd592479-KBP
Link
<http://salaryoption1.com/cfr_header.jpg>; rel="canonical"
Expires
Thu, 16 Nov 2023 23:25:34 GMT
index_r6_c1.gif.pagespeed.ce.g_xW5zGK8B.gif
salaryoption1.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/index_r6_c1.gif.pagespeed.ce.g_xW5zGK8B.gif
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a08a9d407ce88772e00e8128ca53286a680cc7aba415f323b90308f6143cc1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
CF-Cache-Status
HIT
X-Original-Content-Length
7513
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29104
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7513
Last-Modified
Mon, 18 Mar 2019 08:33:00 GMT
Server
cloudflare
Etag
W/"0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SX5fr1QWIkb3zHOk5bPitzgdAdAgyn%2FqCL38HD%2FWXFHi4oZljckyG2MhcTPcDCxJHV%2BAbPdDFLRihC0eX%2F%2BDVjuOIZRL4jvUFldOJQnA1TGXDtb31kZQ0aHM0kgUuzC7SRWiw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31c1daa2498-KBP
Link
<http://salaryoption1.com/index_r6_c1.gif>; rel="canonical"
Expires
Thu, 16 Nov 2023 23:25:34 GMT
xarticle-check.jpg.pagespeed.ic.hGIzXDtaC5.webp
salaryoption1.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xarticle-check.jpg.pagespeed.ic.hGIzXDtaC5.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c881c6877635ea3bc6e466c997c5dd543d2bda1bb8d21f0421ef8d5e38589877

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
25471
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
661
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18265
Last-Modified
Thu, 17 Nov 2022 06:55:31 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj%2Bm0OgZAJcFRp8xgvtD5iy3Dt%2BtbqYFyJC7SD9S1cmBSFYWoSjuAu7AebVxWKQ9s25BdkfhxAYw0aHrdXz1Dp0dZ%2BdJf7L3lGwkZSM%2FpPozr4w3JQKdGg8LoksJ%2FoHhGC3y9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31caf5c2479-KBP
Link
<http://salaryoption1.com/article-check.jpg>; rel="canonical"
Expires
Fri, 17 Nov 2023 06:55:31 GMT
xarticle-screenshot2.jpg.pagespeed.ic.Gv6tc1RScv.webp
salaryoption1.com/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xarticle-screenshot2.jpg.pagespeed.ic.Gv6tc1RScv.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2726f3d180f42b872a192b700dfc186fd25c8caf89b93d6774efe1bd8632fe9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
34988
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
660
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
17355
Last-Modified
Thu, 17 Nov 2022 06:55:31 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxtL5Ixb9I%2Bz4reYxjsRy%2Bl17BxI%2BZ86ELEi28p6zvYnAI5%2F70uXgW3KU2w8pSLDSWGxZNovbR6aeiF0vNXP%2F2qpPfrYVQS7%2BF%2FCV4U%2FOrtVgXW2vLA37EIHIqS2Y3Ow0KA%2B3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31d08452498-KBP
Link
<http://salaryoption1.com/article-screenshot2.jpg>; rel="canonical"
Expires
Fri, 17 Nov 2023 06:55:31 GMT
40x40xavatar-new.png.pagespeed.ic.FDahpP-DE4.webp
salaryoption1.com/ 		354 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/40x40xavatar-new.png.pagespeed.ic.FDahpP-DE4.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770fc7fa027052b7ea445b478021d2660b199fe8de3503f6ad3e06717e2117fa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
1956
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29104
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
377
Last-Modified
Wed, 16 Nov 2022 23:25:34 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiPpELSTPR0%2BpnML0DmmoiABqclgs%2Ffk2Yo0mLxgp8Hb%2FRuaXXIR1dMGyBfjpwHSS%2B%2B7Oh83Gp%2F4UD58lmyOPBd708eOen3LjCmqkkTAyDA79T9OpM64tzhp%2FB3yZ%2BxkCyk8VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31d48ed2479-KBP
Link
<http://salaryoption1.com/avatar-new.png>; rel="canonical"
Expires
Thu, 16 Nov 2023 23:25:34 GMT
xmom-221.jpg.pagespeed.ic.5XPit4vkZT.webp
salaryoption1.com/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xmom-221.jpg.pagespeed.ic.5XPit4vkZT.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c26f3d2f343d638a769fabe2f1523e07dd60fc1472f6cd3066f9fecbb5404

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
20003
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29104
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
11721
Last-Modified
Wed, 16 Nov 2022 23:25:34 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umjvcbHGmjtOFC9T9df4b%2FxmDrwsu6vXtAi5sN6R%2Fp4a8etXpCViUfjtdabf1qUevpmXtvPExd7P0KTTMNvEFecdNfUH5duvD5UDKE2ELhZas09gRS2oyDmhz5PnnnKKlThcSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31d7fe977b9-KBP
Link
<http://salaryoption1.com/mom-221.jpg>; rel="canonical"
Expires
Thu, 16 Nov 2023 23:25:34 GMT
xnewslogo.gif.pagespeed.ic.Bx4KhdnwXL.webp
salaryoption1.com/ 		668 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xnewslogo.gif.pagespeed.ic.Bx4KhdnwXL.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b6341c028bcdc962d010b25afffd6a33bad1a2ebea131e52772fbcc1e8c62a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
802
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
29103
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
691
Last-Modified
Wed, 16 Nov 2022 23:25:35 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W29wdxb5yj18wMSiWRtOvFslnYy21FL1nyus%2Bv5LFWZhTZdxyJ4PVuhIIPVXqiLENV1ltufCP5kgBz4FxIaN9j0MFQOODDqYJOpvjekEtoJ%2B%2FQ41Y%2BuUhS%2FVXnnGJHSRNp0Bjg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31c3e5f2479-KBP
Link
<http://salaryoption1.com/newslogo.gif>; rel="canonical"
Expires
Thu, 16 Nov 2023 23:25:35 GMT
xmort.png.pagespeed.ic.O7-LpPXQ8E.webp
salaryoption1.com/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://salaryoption1.com/xmort.png.pagespeed.ic.O7-LpPXQ8E.webp
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
104.21.92.44 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a0d4d1d6f44ff2de5defe90efb6c97d4b8240dcc732e79ea7cc8ad8b55b88d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Original-Content-Length
36304
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
660
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
29443
Last-Modified
Thu, 17 Nov 2022 06:55:31 GMT
Server
cloudflare
Etag
W/"0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKjnfj04sGhM%2FMNjI0P3knMuBS1WaaYjDn4M599vSctvLTZGThIOgP3zI7SatduIBY2sqP0L%2BeH55lxk1uiZI9OalfPaXabIaS0R1Z5bQUOkeIrr0wrBr%2BxggUL1xzFcbyENNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
76b6c31c8f0d2498-KBP
Link
<http://salaryoption1.com/mort.png>; rel="canonical"
Expires
Fri, 17 Nov 2023 06:55:31 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72ff5e9131912e1454105c1bac47d5530a11b1d04906c5a8f5a94a7ec2031ebc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bec785ddece2245f6f4e4121b49523f046f17cb256050665969dcd2ab7c9e7f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/webp
afstracka.cgi
www8.afsanalytics.com/cgi-bin/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www8.afsanalytics.com/cgi-bin/afstracka.cgi?usr=00831233
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
192.99.104.202 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
www8.afsanalytics.com
Software
Apache /
Resource Hash
ce41efbdbe071037208d01533010259cbb13bb6668d8574595574059a73bfb9c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 20 Aug 1996 14:25:27 GMT
Date
Thu, 17 Nov 2022 07:30:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15
Transfer-Encoding
chunked
Content-Type
application/x-javascript;charset=UTF-8
j.php
dev.visualwebsiteoptimizer.com/
Redirect Chain
  • http://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228
  • https://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
H2
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
90b4b11305050ab563d083861bdc7a8abb92b1be00276a6d9cc1dbb2ddf97f74

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 07:30:38 GMT
content-encoding
gzip
via
1.1 google
server
gams1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date
Thu, 17 Nov 2022 07:30:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Via
1.1 google
server
gams1
Content-Type
text/html
Location
https://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fsalaryoption1.com%2F&r=0.3234495745936228
Timing-Allow-Origin
*
Content-Length
182
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 15 Nov 2022 13:25:48 GMT
X-Content-Type-Options
nosniff
Age
151490
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
93868
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 15 Nov 2023 13:25:48 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=7443&d=salaryoption1.com&u=DA4277BFC1BE00F9E40958C632D38585E&h=956aca50f791bf3390f99a22b3fc29aa&t=false&r=0.31590791163658727
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 07:30:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
connect.cgi
www8.afsanalytics.com/cgi-bin/ 		42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www8.afsanalytics.com/cgi-bin/connect.cgi?usr=00831233Pauto&js=1&title=Work%20At%20Home%20Special%20Report!&url=http%3A%2F%2Fsalaryoption1.com%2F&refer=&rua=0&resolution=1600x1200&color=24&Tips=0.48291681390963404
Requested by
Host: salaryoption1.com
URL: http://salaryoption1.com/
Protocol
HTTP/1.1
Server
192.99.104.202 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
www8.afsanalytics.com
Software
Apache /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://salaryoption1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 07:30:40 GMT
Server
Apache
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="ADMa OUR UNI NID DSP NOI COR"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Headers
X-Forwarded-For, Forwarded-For, X-Client-IP, Client-IP, X-Real-IP, X-Requested-With, Content-Type,withCredentials
Keep-Alive
timeout=15
Expires
Thu, 17 Nov 2022 19:30:40 ESD

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| areYouReallySure boolean| internalLink function| areYouSure boolean| allowPrompt object| dayNames object| monthNames object| now string| AFS_Account string| AFS_Tracker string| AFS_Server string| AFS_Page string| AFS_Url string| AFS_Protocol object| speed object| s object| _vwo_code number| settings_timer number| _vwo_settings_timer undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue function| $ function| jQuery number| T string| Ref string| S boolean| iframe string| codeAFS undefined| defafs undefined| codeins object| statdivafs

2 Cookies

Domain/Path Name / Value
salaryoption1.com/ Name: PHPSESSID
Value: fd2595d01c2c67971d653cd803c0345f
.salaryoption1.com/ Name: _vwo_uuid_v2
Value: DA4277BFC1BE00F9E40958C632D38585E|956aca50f791bf3390f99a22b3fc29aa