urlscan.io logo urlscan.io
SecurityTrails logo

www.mandatedmoney.com Open in urlscan Pro
2606:4700:3031::ac43:9d1c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294407a49d3cd29a59aad15...
Effective URL: https://www.mandatedmoney.com/?view=sms
Submission: On August 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3031::ac43:9d1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandatedmoney.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2021. Valid for: a year.
This is the only time www.mandatedmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.45.84 22606 (EXACT-7)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2600:9000:20e... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2.18.234.122 16625 (AKAMAI-AS)
1 3.216.185.243 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.102.183.26 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.13.44 54113 (FASTLY)
33 13
1    13.111.45.84 (United States)

ASN22606 (EXACT-7, US)
PTR: click.exct.bonnerandpartners.com
click.exct.bonnerandpartners.com
2    2606:4700:3031::ac43:9d1c (United States)

ASN13335 (CLOUDFLARENET, US)
www.mandatedmoney.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2600:9000:20eb:0:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)
d3bjnmbj12697.cloudfront.net
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2.18.234.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com
players.brightcove.net
1    3.216.185.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-185-243.compute-1.amazonaws.com
sms-live.legacyresearch.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.102.183.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.183.102.34.bc.googleusercontent.com
cdn.pushcrew.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
Domain Requested by
10 d3bjnmbj12697.cloudfront.net www.mandatedmoney.com
5 c.lytics.io www.mandatedmoney.com
c.lytics.io
4 fonts.gstatic.com fonts.googleapis.com
4 cdnjs.cloudflare.com www.mandatedmoney.com
cdnjs.cloudflare.com
2 www.mandatedmoney.com www.mandatedmoney.com
1 trc.taboola.com
1 cdn.pushcrew.com www.mandatedmoney.com
1 www.googletagmanager.com www.mandatedmoney.com
1 sms-live.legacyresearch.com www.mandatedmoney.com
1 players.brightcove.net www.mandatedmoney.com
1 code.jquery.com www.mandatedmoney.com
1 fonts.googleapis.com www.mandatedmoney.com
1 click.exct.bonnerandpartners.com 1 redirects
33 13

This site contains links to these domains. Also see Links.

Domain
www.brownstoneresearch.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-02 -
2022-08-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
players.brightcove.net
DigiCert SHA2 Secure Server CA		 2021-08-04 -
2022-08-04		 a year crt.sh
*.legacyresearch.com
Amazon		 2021-07-01 -
2022-07-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2		 2021-07-23 -
2022-08-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.mandatedmoney.com/?view=sms
Frame ID: 1D97052680262CEE4A4A51442486BC60
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Click for Crypto: Jeff Brown's First Ever Cryptocurrency Event

Page URL History Show full URLs

  1. https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294... HTTP 302
    https://www.mandatedmoney.com/?view=sms Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

33
Requests

97 %
HTTPS

62 %
IPv6

13
Domains

13
Subdomains

13
IPs

3
Countries

1331 kB
Transfer

2444 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294407a49d3cd29a59aad156bc5c7970dd17e132bc6 HTTP 302
    https://www.mandatedmoney.com/?view=sms Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mandatedmoney.com/
Redirect Chain
  • https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294407a49d3cd29a59aad156bc5c7970dd17e132bc6
  • https://www.mandatedmoney.com/?view=sms
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c552fc9f71448908dc8b9bcecef9461e4ced804d0c45c54b288f643fbf2432f

Request headers

:method
GET
:authority
www.mandatedmoney.com
:scheme
https
:path
/?view=sms
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:56 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache="set-cookie"
set-cookie
AWSELB=FF9583C11E99524E416D9C0693769B58C8F2AD4705E0FEB132A0CEE818B2BFD90918EDC2245EF1D472276E214171D9CF6B4A2F90F852AD6C7BDBC9C5E23503C1A16F4EA856;PATH=/
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IlrEAq4HQrDWQRw4nqc0MQTAHMwSBokPjP7kKe1q4Po%2FkcBxM1hkL6fLT5jmoG82LTaiozgs%2Ff1RTx8KeM5erKAtaV3v2047hEJovUcClvPvSIOv5Engk7rL10EnK8O3RcfXLyGCoDHk05cQL7j8e0jmmA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68364426de3c6485-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.mandatedmoney.com/?view=sms
Date
Mon, 23 Aug 2021 18:04:55 GMT
Connection
close
Content-Length
156
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Georama:ital,wght@0,700;1,700&family=JetBrains+Mono:wght@800&family=Teko&display=swap
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1e3934b4ec4320ab1bfab235db1c5f781a0796bf15258a5e7ca7ee8e3fff12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:04:57 GMT
server
ESF
date
Mon, 23 Aug 2021 18:04:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 18:04:57 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2231713
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10391
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7r%2BiZETDmRLhlIPe8iowV62PGHCpA8XP2YNjyAP50vniKssNwi%2Bjpxjhm9Ge%2FBRfpqXTO6KcLORjxkSL%2FqM4p29Ob5f0xpasQzc4scxrjC%2F7R76Y3zPOfMKKOiRXDXYw3B5SkLo7Eb9KwKi1SiVyZydb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683644284dbd4ab6-FRA
expires
Sat, 13 Aug 2022 18:04:57 GMT
bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 		157 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6aae28bcba8db9ca75753fd96de986a5e2f3020627f640715f19727c220e4638

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 17:18:44 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Fri, 23 Apr 2021 18:04:54 GMT
Server
AmazonS3
Age
18038
ETag
"5e7125a70f71ad3467e5c578b4fb8926"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
160763
X-Amz-Cf-Id
iTrHKrU-RwRFQlhPESpxu8PB6MszE6X4IbEaXf7emuIuQdn0GwjLXQ==
site.css
www.mandatedmoney.com/assets/css/ 		69 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mandatedmoney.com/assets/css/site.css?v=1628778505
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca0075907ebce76b8bd38620a0beda50d8dc0d24205e42bd75ae5bc5c3cc463

Request headers

:path
/assets/css/site.css?v=1628778505
pragma
no-cache
cookie
AWSELB=FF9583C11E99524E416D9C0693769B58C8F2AD4705E0FEB132A0CEE818B2BFD90918EDC2245EF1D472276E214171D9CF6B4A2F90F852AD6C7BDBC9C5E23503C1A16F4EA856
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandatedmoney.com
referer
https://www.mandatedmoney.com/?view=sms
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mandatedmoney.com/?view=sms
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 14:28:25 GMT
server
cloudflare
age
278714
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CZ7fN5k5i6ClXCXIydvy6rdgb%2Feo%2Burc%2BTIhGEtTDxi%2FoXMU4ugjvG1I6EVCbBVtLiIYTwc4WawJcv9rV3ucWVMjBuztvcmu8kErJ2DiuHOJhcEN4yLvL58b%2Bd7pS0asoXtBGW2s%2B43BVqNJOpDMkRnHOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6836442908da4e9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Fri, 27 Aug 2021 12:39:43 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1629741897.dop206.fr8.t,1629741897.cds258.fr8.hc,1629741897.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bootstrap.bundle.min.js
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 		79 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:52:25 GMT
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Last-Modified
Mon, 29 Jun 2020 13:27:40 GMT
Server
AmazonS3
Age
18820
ETag
"7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
81084
X-Amz-Cf-Id
qUDckcgqahrijeg7V4N44Q9M66jC7olTLxB_pG0uDzMtIjkRiuftjw==
c.js
d3bjnmbj12697.cloudfront.net/_/js/countdown/1.0.2/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3bjnmbj12697.cloudfront.net/_/js/countdown/1.0.2/c.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423d18dedb1bc099b3d620cf0933f90c75c68793d54fed04c1920d550fbe14cb

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 04:03:37 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Wed, 11 Aug 2021 19:29:08 GMT
Server
AmazonS3
Age
50481
ETag
"efc069d087bed6705bf34d56756eac4b"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
6424
X-Amz-Cf-Id
kPhI_PXhV0UTodKuxQqRCaOV-av9eGRodzst0E-bVsnwlxIx_LUpIA==
jeff-brown.580x642.png
d3bjnmbj12697.cloudfront.net/_/headshots/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bjnmbj12697.cloudfront.net/_/headshots/jeff-brown.580x642.png
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f727647a68ac63bad9d5488a88b540389f23a5e4e620ec7a4ced9d0f9df702d

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 20:15:48 GMT
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Jul 2020 21:01:32 GMT
Server
AmazonS3
Age
78550
ETag
"ed8b364ffb56384185bd71bf5262f574"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
111695
X-Amz-Cf-Id
X5zRb0IpkLvoBAMFP6e4FM0rEWsBt9202yg4PHWRI2QPXnBv0bUjTg==
logo-bup.png
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/logo-bup.png
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afdf1f69d6a605db213b026b0220fb731389f1bf59469412424aa8ad799fe956

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 20:09:48 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Tue, 10 Aug 2021 17:06:19 GMT
Server
AmazonS3
Age
78910
ETag
"af0949610b697a5e034ad86dbc44fa94"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
71584
X-Amz-Cf-Id
v4Z7L-LjIAhyHAWOZH0_jzl44MalHDfg62ja5T6W4pzjjpNQMp03_Q==
lr-data-br.bundle.js
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/lr-data-br.bundle.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebe2ba28a26859c028288403f39e04d27e659713ee7269d0b66a1916de30ee16

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 20:09:48 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Apr 2021 15:11:23 GMT
Server
AmazonS3
Age
78910
ETag
"43669488c0c489fa2a1b065ff9722510"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
22786
X-Amz-Cf-Id
QPyU80YIq2tyDz_Wl879DIPe2lEEPbnOE2xDFOMQWGaY3ZmehHjN5g==
index.min.js
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 		676 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e3ff5b86971ef697048b5a1dd045cf88e989ea044d02814602abe05751255fd

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tS1XXM9tSB7sOHnMmwTQj_rTgXSYPyDB
Content-Encoding
gzip
ETag
"6a807016bf964c4195d058dca857670b"
x-amz-request-id
S54PK30QZGTJWDEE
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
188142
x-amz-id-2
4gSla8b2KZcuj3M5bq8HpR1BpbdJOWgZe+zcWj4pXFTWE3hR0weba5M+4B6mYsn46f1gDdNSDUI=
X-BCOV-Response-Mode
1
X-Served-By
cache-ams21041-AMS
Last-Modified
Thu, 05 Nov 2020 18:06:16 GMT
Server
AmazonS3
X-Timer
S1620712384.570857,VS0,VE1
Date
Mon, 23 Aug 2021 18:04:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44
Accept-Ranges
bytes
X-Cache-Hits
1
libphonenumber-js.min.js
cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.7.54/ 		137 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.7.54/libphonenumber-js.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f7e85d33599f85fad5cc0460c005ca3c7d02a8ba55625c5ede40b052a47a3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9596376
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
30322
cf-request-id
09d9cbd9a30000beb5638fc000000001
timing-allow-origin
*
last-modified
Sat, 27 Jun 2020 16:06:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef76e78-223f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv72Vq%2FpSUgMlCK1iAlsnAKEniiHbymqnxadr%2BmaFMTWB0Nar6XTbxKLCmGGfb%2BPibghCkA%2FK%2FHWsVuYPJvB1w0zzjEgG7gBIASXDAFUarTpq%2B30Af4rAIB74HrAYRSofwwlkxbWqQqhVHq7PvmLLDaC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683644295d5e4e3e-FRA
expires
Sat, 13 Aug 2022 18:04:57 GMT
group.min.js
sms-live.legacyresearch.com/snippets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sms-live.legacyresearch.com/snippets/group.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-185-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e359ff6302ee28cf85300ddf6b114ee25e5e7305f52e9fa9dd0b858bb82b4d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jun 2021 07:41:42 GMT
server
nginx
etag
W/"60c9ab36-844"
x-frame-options
SAMEORIGIN
content-type
application/javascript
vary
Accept-Encoding
x-xss-protection
1; mode=block
tm.js
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/js/tm.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65cca0d6ad4ec9bbac4f1017c6dab4aee1c5ab0b12210cf5b12822dbe239a754

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 20:11:19 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Wed, 11 Aug 2021 18:03:18 GMT
Server
AmazonS3
Age
78819
ETag
"36efc37048dffc1704036096fbaac27c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
3178
X-Amz-Cf-Id
cbZmTbkY--UmGH7IRcuTqY-HWe_ByP5xdwz9rsMGO7xqZCaPZa_Ybg==
gtm.js
www.googletagmanager.com/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4TCGX4
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21f5d570a0ec0703e97ec7cfda5dc0ca0eefc28aff0755c2576d02cec6b62f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35598
x-xss-protection
0
expires
Mon, 23 Aug 2021 18:04:57 GMT
280a1d345d060ccc7f11fd00aa14bc9b.js
cdn.pushcrew.com/js/ 		243 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/280a1d345d060ccc7f11fd00aa14bc9b.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
94e5ee31e880b74a094a789645dc8ecb9559a86271c1d2739ba29fdd0dfc1fe7

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 14:55:07 GMT
server
nginx
etag
W/"6115364b-3cbe5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Mon, 23 Aug 2021 18:34:57 GMT
bg-1.jpg
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/bg-1.jpg
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/assets/css/site.css?v=1628778505
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
617bff95592163fca5d324a4e0319fa23e4bb0886ccc534384c0980f602e4725

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 20:51:55 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Tue, 10 Aug 2021 13:13:12 GMT
Server
AmazonS3
Age
76383
ETag
"079e88d13555c833ea082aa2f61778f9"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
271891
X-Amz-Cf-Id
uyxzHtIXk2siViLJb6L4ETyLYy1A4mm2MyvVaEtHNpMruzrV4pTrpw==
marker-oval-dark.1600x608.png
d3bjnmbj12697.cloudfront.net/_/dazzle/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bjnmbj12697.cloudfront.net/_/dazzle/marker-oval-dark.1600x608.png
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/assets/css/site.css?v=1628778505
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e14a0d748e047afd36d4ecb8f79e27a7158054a4ceefd9502497b1aa107cc7f

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 02:55:42 GMT
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Jun 2020 13:51:31 GMT
Server
AmazonS3
Age
54556
ETag
"92acaa86158be2a5eb6b30a62bbcd821"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
15013
X-Amz-Cf-Id
_lYMD4l_j1XjoNVz5lVVq70eVKB9T9H3CPBfKNFbJBkWevmp68y9pA==
underline-dark.764x100.png
d3bjnmbj12697.cloudfront.net/_/dazzle/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bjnmbj12697.cloudfront.net/_/dazzle/underline-dark.764x100.png
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/assets/css/site.css?v=1628778505
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7c89476d491e38b87d4c34f89f3c629dccb127ec7dcbe6e2073fc82e0bbc89f

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 22:36:00 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Jun 2020 13:51:32 GMT
Server
AmazonS3
Age
70138
ETag
"c62c90053e832044856ea3e88fce1cca"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
3185
X-Amz-Cf-Id
whY4OuPoOxRE_-iO77vGfZE3vOvtJEG8ostNhCvNIBL52iomncR_Pg==
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v10/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/teko/v10/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Georama:ital,wght@0,700;1,700&family=JetBrains+Mono:wght@800&family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 22:49:54 GMT
x-content-type-options
nosniff
age
587703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:26:11 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 22:49:54 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Georama:ital,wght@0,700;1,700&family=JetBrains+Mono:wght@800&family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:52 GMT
x-content-type-options
nosniff
age
581525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:52 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Georama:ital,wght@0,700;1,700&family=JetBrains+Mono:wght@800&family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:51 GMT
x-content-type-options
nosniff
age
581526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:51 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
422240
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13600
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-3520"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2ByLqiXbWDY5%2BBxrba3CY2XKEyKmlRiT%2FDatw0Zu7WVvCoZiLlLkaok8C0p8VfGezbwYFCqSJGErjTluQznC1k63QSdt%2Bk92P%2BJleSCePBs%2Fr0mp7Z4kBavHrdHw8j%2Fcoa6NSE6TFeldzPBqH64AXbXH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683644296d614e3e-FRA
expires
Sat, 13 Aug 2022 18:04:57 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
417959
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
80148
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-13914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VE75eeopy2DNCrrc15nfPcD%2F1yS4Z2DYjt9r3ZtHuqq9%2FJQAD3qjlaov9Kdvw72Z8JA0xXFUZ5d391Um4qafjWGn8fcbi9%2BU4LXIx%2Fk2EwJxlk1mZKaZCoqq%2BY50lTbfkaB%2Bjj%2F2uFCPw0OculzbdsSR"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683644296d664e3e-FRA
expires
Sat, 13 Aug 2022 18:04:57 GMT
latest.min.js
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0960d7ff328253f0fece0a022442605ef7667e67340266b33918a8c592f2f9c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
via
1.1 google
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334
content-encoding
br
last-modified
Mon, 23 Aug 2021 17:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVbyMR5Z0m6uZO2K5J%2FYrAoi4ZNGyuxOFnhtNIPqPBDXSa0UUPoXbvXSwn1l2wysu1zqNzRa3gXh83NRIzGWo%2BQMaYRT3443DJnWFDsnJoebVu3UQ4450GBTuO2lw%2B2Kb35OHmLCqYYk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
6836442bcb200601-FRA
08e8e3d5-59df-40e1-9380-f47e83c36f97
https://www.mandatedmoney.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.mandatedmoney.com/08e8e3d5-59df-40e1-9380-f47e83c36f97
Requested by
Host: www.mandatedmoney.com
URL: https://www.mandatedmoney.com/?view=sms
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 		35 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1629741897004&event=gtm.js&gtm.uniqueEventId=3&_ts=1629741897627&_nmob=t&_device=desktop&url=www.mandatedmoney.com%2F%3Fview%3Dsms&_v=3.0.20&_uid=u_393014081856441400&_getid=t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-length
35
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVlGD01mFtHPDLotjivkXVOG1ZcigDEHEwHCBQACmHYJc7hkJ7f8Ek2W4G5RO9rDtyn%2BX7SPan%2FxSPB1q7zbW%2BqVQ48owhxCnSbiS%2FSOIecWTTeDnZUcgW6Altf4bBYtgl3XTmpYWFvp"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6836442c2c3e0601-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
u_393014081856441400
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 		73 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/u_393014081856441400?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22u_393014081856441400%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.mandatedmoney.com%2F%3Fview%3Dsms%22%2C%22_v%22%3A%223.0.20%22%7D&ts=1629741897717&callback=u_756716354786001800
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68596b94d76a90f2b97c02594c2cb618c584dbf20acf6577217e1a300cb612e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray
6836442ccd8c0601-FRA
date
Mon, 23 Aug 2021 18:04:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDwzapfIBGQWtwR2d0Z3S76msf5v6Ebhv34TZYKj7qtcaLL1GmjOhDqmfp4xRmDqr%2FDAxpXRlZHqdhfQ58YnrX6AThdEAI9H%2BoWkMJ5%2Fxv%2FR47YFmyiId0tyRBpIWTy%2FEF1fYkzVdnml"}],"group":"cf-nel","max_age":604800}
content-encoding
br
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 		35 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ts=1629741897714&_nmob=t&_device=desktop&url=www.mandatedmoney.com%2F%3Fview%3Dsms&_uid=u_393014081856441400&_v=3.0.20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:04:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-length
35
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B1lecgISfgacawWEftsqIKahpFtMf7f2vTv6idE3V8jsrHuf3CdaR5YtiqovVyB8tqa%2BigX370o6Z3zGH1R1ImBJO4UDrVBJcOoiBGSXVfp%2BNgScSi5vRlCx%2BwPRD63OQZHmyqRaq0F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6836442ccd8d0601-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
cm
trc.taboola.com/sg/lytics/1/ 		43 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Du_393014081856441400%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
63
pragma
no-cache
date
Mon, 23 Aug 2021 18:04:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1629741898.861719,VS0,VE63
x-served-by
cache-fra19180-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
pathfora.min.js
c.lytics.io/static/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262c4235e948c3755b69cd31333474e2abdf2d28f0d8d332458211436b0241ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.mandatedmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray
68364430bfba0601-FRA
date
Mon, 23 Aug 2021 18:04:58 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 21:11:05 GMT
server
cloudflare
age
4795
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64SULRHx2zBjHYbTYDnDAdQvlOWIe5saoEWWsO4gZt7YMFKqNkg0RtwghP9gc%2F%2FTuRBO9rEONo2ldUBmbFWG6Tr18n71h2%2FgE%2F5NWFNuyoRZmxqW07TmXVjSZ%2BJ6asR0qyF80AEnp%2B%2FT"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000;
content-encoding
br
tDbY2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8SKtTOlOV.woff2
fonts.gstatic.com/s/jetbrainsmono/v6/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jetbrainsmono/v6/tDbY2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8SKtTOlOV.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Georama:ital,wght@0,700;1,700&family=JetBrains+Mono:wght@800&family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95e4afed859f7a24e70fb57401f87b8038409a3f3033f951bcdcca0b595d4167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mandatedmoney.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:37:43 GMT
x-content-type-options
nosniff
age
552435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 03:22:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 08:37:43 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| test string| view string| source string| type string| effortId object| dataLayer object| _pcq function| $ function| jQuery object| bootstrap string| onExpire string| redirectURL boolean| whitelist function| urlParams object| q boolean| debug function| countdownReady function| countdownCheck string| assetId string| campaignId object| brandIds object| lrUnits function| lrData object| cidEls object| ddLinkEls undefined| ddLink string| emailSignupMethod string| etPostUrl object| emailForms object| smsForms object| smsDisclaimers undefined| emailFormData undefined| formType undefined| placeholder undefined| buttonText undefined| emailFormHTML object| forms object| validation undefined| smsFormData undefined| callLoopId undefined| smsFormHTML undefined| smsDisclaimerHTML object| google_tag_manager object| countdowns object| countdownContainers string| countdownDate object| urgency number| timer object| jstag boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| videojsLoscore function| videojsFlash object| videojsFlashlsSourceHandler object| videojsHttpStreaming function| videojsProxyTracks function| videojsPerSourceBehaviors function| videojsSeekEvents function| videojsContextmenu function| videojsContextmenuUi function| videojsPlayerInfo function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog function| videojsPlaylist function| bc string| touchEvent object| libphonenumber boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit function| legacy string| qEffortId function| tmReady function| tmCheck object| __lytics__jstag__ undefined| u_756716354786001800

2 Cookies

Domain/Path Name / Value
.www.mandatedmoney.com/ Name: seerid
Value: u_393014081856441400
.www.mandatedmoney.com/ Name: seerses
Value: e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.lytics.io
cdn.pushcrew.com
cdnjs.cloudflare.com
click.exct.bonnerandpartners.com
code.jquery.com
d3bjnmbj12697.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
players.brightcove.net
sms-live.legacyresearch.com
trc.taboola.com
www.googletagmanager.com
www.mandatedmoney.com
13.111.45.84
151.101.13.44
2.18.234.122
2001:4de0:ac18::1:a:3b
2600:9000:20eb:0:f:75e2:4ac0:21
2606:4700:20::ac43:49ec
2606:4700:3031::ac43:9d1c
2606:4700::6810:125e
2a00:1450:4001:809::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
3.216.185.243
34.102.183.26
0960d7ff328253f0fece0a022442605ef7667e67340266b33918a8c592f2f9c7
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1c552fc9f71448908dc8b9bcecef9461e4ced804d0c45c54b288f643fbf2432f
21f5d570a0ec0703e97ec7cfda5dc0ca0eefc28aff0755c2576d02cec6b62f2c
262c4235e948c3755b69cd31333474e2abdf2d28f0d8d332458211436b0241ea
423d18dedb1bc099b3d620cf0933f90c75c68793d54fed04c1920d550fbe14cb
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
5e14a0d748e047afd36d4ecb8f79e27a7158054a4ceefd9502497b1aa107cc7f
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
617bff95592163fca5d324a4e0319fa23e4bb0886ccc534384c0980f602e4725
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
65cca0d6ad4ec9bbac4f1017c6dab4aee1c5ab0b12210cf5b12822dbe239a754
68596b94d76a90f2b97c02594c2cb618c584dbf20acf6577217e1a300cb612e1
6aae28bcba8db9ca75753fd96de986a5e2f3020627f640715f19727c220e4638
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79f7e85d33599f85fad5cc0460c005ca3c7d02a8ba55625c5ede40b052a47a3b
7ca0075907ebce76b8bd38620a0beda50d8dc0d24205e42bd75ae5bc5c3cc463
7f727647a68ac63bad9d5488a88b540389f23a5e4e620ec7a4ced9d0f9df702d
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
94e5ee31e880b74a094a789645dc8ecb9559a86271c1d2739ba29fdd0dfc1fe7
95e4afed859f7a24e70fb57401f87b8038409a3f3033f951bcdcca0b595d4167
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9e3ff5b86971ef697048b5a1dd045cf88e989ea044d02814602abe05751255fd
afdf1f69d6a605db213b026b0220fb731389f1bf59469412424aa8ad799fe956
b1e3934b4ec4320ab1bfab235db1c5f781a0796bf15258a5e7ca7ee8e3fff12d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7c89476d491e38b87d4c34f89f3c629dccb127ec7dcbe6e2073fc82e0bbc89f
e359ff6302ee28cf85300ddf6b114ee25e5e7305f52e9fa9dd0b858bb82b4d24
ebe2ba28a26859c028288403f39e04d27e659713ee7269d0b66a1916de30ee16
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d