URL: https://cms.moneyawaits.com/
Submission: On August 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 3.142.196.50, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is cms.moneyawaits.com.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.
This is the only time cms.moneyawaits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | moneyawaits.com | cms.moneyawaits.com | 1 MB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 216 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 170) | 140 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 2 KB
1 | google.com | fundingchoicesmessages.google.com (Cisco Umbrella Rank: 1649) | 9 KB
1 | gstatic.com | fonts.gstatic.com | 13 KB
1 | quantcast.com | cmp.quantcast.com (Cisco Umbrella Rank: 3448) | 328 B
Total: 21 requests, 7 apex domains

Requests | Domain | Requested by
12 | cms.moneyawaits.com | cms.moneyawaits.com
2 | www.facebook.com | cms.moneyawaits.com
2 | connect.facebook.net | cms.moneyawaits.com, connect.facebook.net
2 | fonts.googleapis.com | cms.moneyawaits.com
1 | fundingchoicesmessages.google.com | cms.moneyawaits.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | cmp.quantcast.com | cms.moneyawaits.com
Total: 21 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
cms.moneyawaits.com | R3 | 2023-08-15 - 2023-11-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
cmp.quantcast.com | R3 | 2023-06-13 - 2023-09-11 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-24 - 2023-08-22 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months

This page contains 1 frame:

Primary Page: https://cms.moneyawaits.com/
Frame ID: FD2EE8ED76D873F8AD3124E782B3EA2C
Requests: 27 HTTP requests in this frame

Page Title

Home - MoneyAwaits

Detected technologies

Overall confidence: 100%
Detected patterns
  • debugbar.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 86 %
Domains: 7
Subdomains: 7
IPs: 8
Countries: 2
Transfer: 1410 kB
Size: 1852 kB
Cookies: 1

21 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
cms.moneyawaits.com/
81 KB
21 KB
Document
General
Full URL
https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
993757b97e0feab4fa2d931406d11f046250ff7a7e94900eff8f3e3f96782119

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 15 Aug 2023 08:44:53 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
2c840162cb7ee4a380c64f69bf7dd8ba-1691572753
cms.moneyawaits.com/combine/
17 KB
17 KB
Stylesheet
General
Full URL
https://cms.moneyawaits.com/combine/2c840162cb7ee4a380c64f69bf7dd8ba-1691572753
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d313432467f5d8d2b6566308fc3efa7f3f861329b9cd0014f1194e39488735e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:53 GMT
Last-Modified
Wed, 09 Aug 2023 09:19:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2c840162cb7ee4a380c64f69bf7dd8ba"
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
max-age=604800, public
Connection
keep-alive
logos
cms.moneyawaits.com/themes/MainTheme/assets/
564 B
564 B
Image
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/logos
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
prebidGDPR.js
cms.moneyawaits.com/themes/MainTheme/assets/js/
10 KB
10 KB
Script
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/js/prebidGDPR.js
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
078328566ed88bc62924e46478bcb856d49929de5a28b90ce99f6f3cdc483421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Last-Modified
Tue, 30 May 2023 07:49:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6475aa9d-2644"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9796
css
fonts.googleapis.com/
2 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 08:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 07:07:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 08:44:53 GMT
css2
fonts.googleapis.com/
18 KB
977 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@200;300;400;500;600;700&family=Nunito:wght@200;400;500&display=swap
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee1ee691889521486b27e40e854cc0095f738b508f39348ee19c63415fcac97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 08:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 08:44:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 08:44:53 GMT
stylesheets
cms.moneyawaits.com/_debugbar/assets/
237 KB
237 KB
Stylesheet
General
Full URL
https://cms.moneyawaits.com/_debugbar/assets/stylesheets?v=1676989262&theme=auto
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
72a5fdb18ec698cc229d5f80ecb64410266836f790d28b4baf7c721d36785114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
text/css; charset=UTF-8
Date
Tue, 15 Aug 2023 08:44:53 GMT
Cache-Control
max-age=31536000, public, s-maxage=31536000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 15 Aug 2024 08:44:53 GMT
javascript
cms.moneyawaits.com/_debugbar/assets/
363 KB
363 KB
Script
General
Full URL
https://cms.moneyawaits.com/_debugbar/assets/javascript?v=1676989262
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ef77aa7bfc2e4fa5935a556fec0ef2b5a9e25e528987beae693ffc007e7dfba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
text/javascript; charset=UTF-8
Date
Tue, 15 Aug 2023 08:44:53 GMT
Cache-Control
max-age=31536000, public, s-maxage=31536000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 15 Aug 2024 08:44:53 GMT
87c16cef640bd04a50eb9072e405d056-1691572753
cms.moneyawaits.com/combine/
32 KB
32 KB
Stylesheet
General
Full URL
https://cms.moneyawaits.com/combine/87c16cef640bd04a50eb9072e405d056-1691572753
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d33f5f0bf1dff97f555b38ebf8d5473163cd4717733d2b8aab1769f468e69e4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:53 GMT
Last-Modified
Wed, 09 Aug 2023 09:19:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"87c16cef640bd04a50eb9072e405d056"
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
max-age=604800, public
Connection
keep-alive
jquery.js
cms.moneyawaits.com/themes/MainTheme/assets/js/
286 KB
286 KB
Script
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/js/jquery.js?cb=1
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Last-Modified
Tue, 30 May 2023 07:49:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6475aa9d-4766a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
292458
jquery.transit.js
cms.moneyawaits.com/themes/MainTheme/assets/js/
23 KB
23 KB
Script
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/js/jquery.transit.js?cb=1
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
11c7f06875c2f483c75d92d9da2828046705be3a7acc82796c6d5033e185ddbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Last-Modified
Tue, 30 May 2023 07:49:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6475aa9d-5cdb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23771
jquery.lazyload.js
cms.moneyawaits.com/themes/MainTheme/assets/js/
6 KB
6 KB
Script
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/js/jquery.lazyload.js?cb=1
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7a3c22af2e5d788e23391468dbce5c36cc3f015a5029a43e5d097397ccd733c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Last-Modified
Tue, 30 May 2023 07:49:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6475aa9d-1644"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5700
index.js
cms.moneyawaits.com/themes/MainTheme/assets/js/dist/
153 KB
154 KB
Script
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/js/dist/index.js?cb=1691755358
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
74dad4b657c1db25152b3021068fd5886832fede2a9a9e82fd5b1ff9498bf020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Last-Modified
Fri, 11 Aug 2023 12:02:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64d6235e-2653b"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
156987
choice.js
cmp.quantcast.com/choice/Y2GRu1MPx6bPV/cms.moneyawaits.com/
0
328 B
Script
General
Full URL
https://cmp.quantcast.com/choice/Y2GRu1MPx6bPV/cms.moneyawaits.com/choice.js?tag_version=V2
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 08:44:53 GMT
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C2
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Error from cloudfront
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
GIyJ5kysZ9vvKTjfnPMWMHvsKHZ98DKOAJCJ_50rxAfq94we0LZZYw==
fbevents.js
connect.facebook.net/en_US/
172 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 15 Aug 2023 08:44:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47245
x-xss-protection
0
pragma
public
x-fb-debug
hELkXufh9wdVJuQmjxRxNajPjcvDxvgmX8J/4kbsH6o60xMEJtYHWdC7WrdhA+Ps8BkJZjz1f0euBP7Gm5QZGQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cms.moneyawaits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:25:13 GMT
x-content-type-options
nosniff
age
267581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 06:25:13 GMT
2625709867707634
connect.facebook.net/signals/config/
317 KB
93 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2625709867707634?v=2.9.123&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82706d57f0ae362fbdd106bd444e97b3953483cc969b36c71535907189f24001
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 15 Aug 2023 08:44:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94774
x-xss-protection
0
pragma
public
x-fb-debug
u6oJFCVeQPSclu5lGS8+WLTkbjJgZx284nAUvmUfu3Fo3x7KVC5qPAnsWOzTcT7BTLAuwXtFe4skI8FCEZx8SA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2625709867707634&ev=PageView&dl=https%3A%2F%2Fcms.moneyawaits.com%2F&rl=&if=false&ts=1692089094243&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1692089094242.861956030&it=1692089094206&coo=false&rqm=GET
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 15 Aug 2023 08:44:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea641f4f3b0ebfb74e49c9b988de77864e34b78fae9f41f950d0f5263aafc6fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
338 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
207e6108661380ec64884ef550a4ea1f0c113b4a4707aa6c95b5a801399f1b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
264 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6922f4f407353cca436ad3f2e09c13cb6cbf98dafba5b43750abf353888a2e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
96 KB
96 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fd24a245a1e2c8b1cc9bced6e3921dd0f27480c8d497db54f146fd12da2152e

Request headers

Referer
Origin
https://cms.moneyawaits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
375 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbea519d466270c186b0cd12c7d070a02a4f33d47165aec769a191e33541ccc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxVEwwJZLza4UMz-wc5xiumrmy3HsgAofwni6h5NHrM2XNImvFwXBxvPOAyQzbmIyk44oL3dVt9cJnfCi-83fjs=
fundingchoicesmessages.google.com/f/
19 KB
9 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVEwwJZLza4UMz-wc5xiumrmy3HsgAofwni6h5NHrM2XNImvFwXBxvPOAyQzbmIyk44oL3dVt9cJnfCi-83fjs=
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/themes/MainTheme/assets/js/prebidGDPR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76571b7ef6babcff7c1652d74b8948336f8719c77a020e203573aee31eed8431
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O-EPXvxjZ66sksqpoX_pYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 08:44:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O-EPXvxjZ66sksqpoX_pYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
logos
cms.moneyawaits.com/themes/MainTheme/assets/
564 B
564 B
Image
General
Full URL
https://cms.moneyawaits.com/themes/MainTheme/assets/logos
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.196.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-196-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 08:44:54 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2625709867707634&ev=Microdata&dl=https%3A%2F%2Fcms.moneyawaits.com%2F&rl=&if=false&ts=1692089094745&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20MoneyAwaits%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Home%20-%20MoneyAwaits%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcms.moneyawaits.com%22%2C%22og%3Asite_name%22%3A%22MoneyAwaits%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.123&r=stable&ec=1&o=30&fbp=fb.1.1692089094242.861956030&it=1692089094206&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: cms.moneyawaits.com
URL: https://cms.moneyawaits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cms.moneyawaits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 15 Aug 2023 08:44:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0


37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
boolean| isMobile
boolean| isDevice
function| getUrlParam
string| clIP
function| __tcfapi
function| __uspapi
function| fbq
function| _fbq
object| hljs
object| PhpDebugBar
function| $
function| jQuery
function| Sfdump
object| a3_lazyload_params
object| a3_lazyload_extend_params
function| a2_0x5cf8
function| a2_0x8ca8
function| __lc
function| sendFBEvent
function| UpscribePopup
object| __cs
function| refreshPBBid
function| __deferScriptRunner
object| phpdebugbar
function| SearchState
function| __d3lUW8vwsKlB__
function| removeRefreshables
function| __an6na521li18__
object| ZDk4MDIwYzJlYTEwY2U1NWxvYWRlcl9qcw==
string| ZDk4MDIwYzJlYTEwY2U1NWNhY2hlZF9qcw==
object| googlefc
object| __fcInternalApiManager
boolean| __fcInternalApiPostMessageReady

1 Cookies

Domain/Path Name / Value
.moneyawaits.com/ Name: _fbp
Value: fb.1.1692089094242.861956030

2 Console Messages

Source Level URL
Text
network error URL: https://cms.moneyawaits.com/themes/MainTheme/assets/logos
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cms.moneyawaits.com/themes/MainTheme/assets/logos
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
