www.moneymentorstar.com Open in urlscan Pro
65.61.154.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.moneymentorstar.com/
Submission: On November 04 via automatic, source certstream-suspicious (November 4th 2022, 10:32:30 pm UTC) — Scanned from DE

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 102 HTTP transactions. The main IP is 65.61.154.4, located in United States and belongs to RMH-14, US. The main domain is www.moneymentorstar.com.
TLS certificate: Issued by R3 on November 4th 2022. Valid for: 3 months.

This is the only time www.moneymentorstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 9	65.61.154.4 65.61.154.4	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2606:4700:303... 2606:4700:3037::6815:357b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:6f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
102	21

9 65.61.154.4 (United States) 8 redirects

ASN33070 (RMH-14, US)
PTR: fw.criticalmix.com

www.moneymentorstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:3037::6815:357b (United States)

ASN13335 (CLOUDFLARENET, US)

assets.creativecirclecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.creativecirclecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zeta.creativecirclecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:6f8 (United States)

ASN13335 (CLOUDFLARENET, US)

feeds.newsusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	creativecirclecdn.com assets.creativecirclecdn.com static.creativecirclecdn.com zeta.creativecirclecdn.com	3 MB
15	newsusa.com feeds.newsusa.com	13 MB
14	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	167 KB
9	moneymentorstar.com 8 redirects www.moneymentorstar.com	21 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264	176 KB
5	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 5601 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165	136 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	95 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	117 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	89 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 118	96 KB
1	usercontent.goog 26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog	3 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	gstatic.com fonts.gstatic.com	44 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
102	16

	Domain	Requested by
32	zeta.creativecirclecdn.com	www.moneymentorstar.com
15	feeds.newsusa.com	www.moneymentorstar.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	www.moneymentorstar.com	8 redirects
8	securepubads.g.doubleclick.net	www.moneymentorstar.com securepubads.g.doubleclick.net www.googletagservices.com
6	assets.creativecirclecdn.com	www.moneymentorstar.com assets.creativecirclecdn.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	static.creativecirclecdn.com	www.moneymentorstar.com
3	netdna.bootstrapcdn.com	www.moneymentorstar.com netdna.bootstrapcdn.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.moneymentorstar.com www.googletagmanager.com
2	connect.facebook.net	www.moneymentorstar.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.moneymentorstar.com maxcdn.bootstrapcdn.com
1	www.google.com	tpc.googlesyndication.com
1	26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	assets.creativecirclecdn.com
1	www.facebook.com	www.moneymentorstar.com
1	ajax.googleapis.com	www.moneymentorstar.com
102	22

This site contains links to these domains. Also see Links.

Domain
creativecirclemedia.com

Subject Issuer	Validity	Valid
moneymentorstar.com R3	`2022-11-04` - `2023-02-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.moneymentorstar.com/
Frame ID: CA182EAC05A5845932BD2C35AFFFD1C1
Requests: 83 HTTP requests in this frame

Frame: https://26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog/safeframe/1-0-39/html/container.html
Frame ID: 5D21A3BF5C7B4149E8106D8BA935A301
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCm4TZur4-SkKif2PiphvbvaTBWetWkxdVB5hbnbU4ORV-3LL71XT9mLQa_bcFhHxlbIE-AMtNfJOtHBPWx32eTvf0pEU48HztKurz8ZG4-kJH_pS2NgAxP42MBh3PvksETowb4vD1f01qpgCNJqqFVrvpYfQXKP8hM-yD-PwMDorTG_rGk0fhAPLZOuBLKyybLO6GoUZY8dJkCP86R3Y9Y6N585ZJIi6N_W3OjurhSq8_kdMJk0MQlVoU9RHS1jxBBqCXs_WB_n6lkwHYV2sESsQiTrrLamsgh3Up_rIJ2P8yBsY204UTbUgihCXIIif-646HSCuxZNI&sai=AMfl-YQQGrRTFS2OrpYGdOwgBUdaB3sFgrRMF07K9DWl5rzvvkCeE1fgRoCcEsB2ibnUkLAJXh8LauCliZNE5xrUyWQ_mFakmlunxV-eEaGB1_B1u5nxfQzL8oOJVQn9gf_DdhEGqSdFaDgBwvLhd6jGTw&sig=Cg0ArKJSzGbuB5e_IRELEAE&uach_m=[UACH]&adurl=
Frame ID: FEAC223848D1DB8899B58943FE2C08B8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiWIgAnM0sEG-PPU8y6eNVwRAMrRPj4Kb4d-SlAhI3j-Cet4y1CqKp_s4LBkOF5AsZx15WnJ1gWkwS2yQejwQM9bLpV4JS-LKtKGf0Ga9fsjVmqhU_rMnJ_rdrlbWxuDg7B2Yyz5GpZdDXsqeVP9w9qiLqXul7THFodFcJeGsPU7jzzr1yiz8iGhT3uGgftIPSHjZkpFaj_nEkt7fcFSKyJJCN1vBs6fZRwsHaMMDUBC9WGiag0qwbGI-tEUUOZlB-_Nly7DO_FPCuWGq38YupZOLWIsPwQz7zduGjLImxqaZSa-Mw9ir2ltUo0W650hSP4Otihu2SbsmvLA&sai=AMfl-YSnZiuTZc4B6nbp7izhkLOuaZcP6DFHJZiD7663jcw9oxMi8uW4bCu_mK04TVSfbV64TwigVHtFi-3p4ixZSeK2zCo7AxoI3TnYI20E-qDqbMJjERFqbXmq6OmHgc7vEYBi2RU0oHCSa4UPdMaa_g&sig=Cg0ArKJSzGqRCMSpN8l0EAE&uach_m=[UACH]&adurl=
Frame ID: 20EA8A155371CB07B85AC778F3A16DE9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F117B7E9A4831B5BFB452AF3675FDC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF9982C381FEA9EC3E110E429279AEF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Money Mentor Star

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

92 %
HTTPS

95 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

17909 kB
Transfer

19296 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://creativecirclemedia.com/
Title: Powered by Creative Circle Media Solutions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.moneymentorstar.com/css_system/cq_base_beta.css HTTP 302
https://assets.creativecirclecdn.com/css/cq_base_beta.css

Request Chain 4

https://www.moneymentorstar.com/css/style.css HTTP 302
https://static.creativecirclecdn.com/usadnmoney/css/style.css

Request Chain 5

https://www.moneymentorstar.com/css/blue.css HTTP 302
https://static.creativecirclecdn.com/usadnmoney/css/blue.css

Request Chain 9

https://www.moneymentorstar.com/css_system/branding/furniture.css HTTP 302
https://assets.creativecirclecdn.com/css/branding/furniture.css

Request Chain 10

https://www.moneymentorstar.com/images/nameplates/moneymentorstar.png HTTP 302
https://static.creativecirclecdn.com/usadnmoney/images/nameplates/moneymentorstar.png

Request Chain 11

https://www.moneymentorstar.com/js_system/misc/cqLazyImages.js HTTP 302
https://assets.creativecirclecdn.com/js/misc/cqLazyImages.js

Request Chain 12

https://www.moneymentorstar.com/js_system/pancakes.js?cb=1667601141 HTTP 302
https://assets.creativecirclecdn.com/js/pancakes.js?cb=1667601141

Request Chain 13

https://www.moneymentorstar.com/css_system/pancakes.css HTTP 302
https://assets.creativecirclecdn.com/css/pancakes.css

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.moneymentorstar.com/ 84 KB
19 KB 651ms
256ms Document
text/html 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneymentorstar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: d7bf3feae9b9f78ec4cabfd8ac67bacf68a357481d365adb37a3fa6f3f0db223

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Age: 0
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 18413
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Nov 2022 22:32:17 GMT
Expires: Fri, 04 Nov 2022 22:42:21 GMT
Pragma: no-cache
Vary: Accept-Encoding
Via: Communityq/3.0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 60ms
9ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:22:04 GMT
x-content-type-options: nosniff
age: 4218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 21:22:04 GMT

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
18 KB 50ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 21888104
cdn-cachedat: 02/18/2022 15:00:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5b7a3b90e79b0b1d58997808191d80cc
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7650ce268aaf9954-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 49ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 24826815
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7650ce268ffa9b3d-FRA
cdn-requestpullsuccess: True

GET
H2

200

cq_base_beta.css
assets.creativecirclecdn.com/css/
Redirect Chain

https://www.moneymentorstar.com/css_system/cq_base_beta.css
https://assets.creativecirclecdn.com/css/cq_base_beta.css

7 KB
2 KB

53ms
17ms

Stylesheet
text/css

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/css/cq_base_beta.css
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36371c90f60bd0f5d32e14ea32df74c0c7efdaf46726b4a4bc2bd39d83bea360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:22 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2733
cf-polished: origSize=8982
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Dec 2021 17:54:08 GMT
server: cloudflare
etag: W/"2316-5d35b39ce21d3-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nIyGvCXXlEmHV5EK%2FNE8VolPdg6wVYEiIQvlPoQz3E1vVZRyRovuaZh3Wbods1IXe%2BPsbvku5nYtELka%2FzdTyo9EtdDc97JPls%2By6tNfE%2B5UUr0a%2B8xU8aBMihSRezWnNpCbid0Zq7DdP2PwVhBE%2BuRHn3HXK5zDM%2Fi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce276ee0913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:40:21 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:22 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://assets.creativecirclecdn.com/css/cq_base_beta.css
Connection: keep-alive
Content-Length: 330
Expires: Sat, 05 Nov 2022 00:02:22 GMT

GET
H2

404

style.css
static.creativecirclecdn.com/usadnmoney/css/
Redirect Chain

https://www.moneymentorstar.com/css/style.css
https://static.creativecirclecdn.com/usadnmoney/css/style.css

0
0

308ms
295ms

Stylesheet
text/html

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.creativecirclecdn.com/usadnmoney/css/style.css
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Date: Fri, 04 Nov 2022 22:32:22 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://static.creativecirclecdn.com/usadnmoney/css/style.css
Connection: keep-alive
Content-Length: 334
Expires: Sat, 05 Nov 2022 00:02:22 GMT

GET
H2

200

blue.css
static.creativecirclecdn.com/usadnmoney/css/
Redirect Chain

https://www.moneymentorstar.com/css/blue.css
https://static.creativecirclecdn.com/usadnmoney/css/blue.css

364 B
495 B

281ms
280ms

Stylesheet
text/css

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.creativecirclecdn.com/usadnmoney/css/blue.css
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a50456c7841de9ff5b81bcce9e514886435af3707ea92c10eeb9bceec5f33cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 17:39:37 GMT
server: cloudflare
etag: W/"16c-5e9ac20cf856b-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPzlWcxfNyod7MhRYt0Yo2lsdZSehMto08M8SO4malR%2F4Lc313CEXNQBqQ6x0PGc2RXCIyq069I4IS5LwNDVHWqZ6jhKJSUEbEutIxyea0PzFidoV8YNbk7GXx6D30WyYPp44OKzK2k3kyRlO78KDLcooKBMrXUwejDc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce28c904913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:34:23 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://static.creativecirclecdn.com/usadnmoney/css/blue.css
Connection: keep-alive
Content-Length: 333
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f747b9be76f0bfabea1d4db021ab5faa85174441339b96d9ae6d47a794a5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27352
x-xss-protection: 0
server: sffe
etag: "1384 / 70 of 1000 / last-modified: 1667599556"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Nov 2022 22:32:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18df4e7d686b64fdac3070501aa687c300826b5893ac08ee7b28d81dee06abc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.moneymentorstar.com/
Origin: https://www.moneymentorstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 22:32:23 GMT
content-md5: omqOy3Yl+0UnO65aRTz7FQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: FHH/ls/VFNofV7YLcLDKWtQ02agxK6lGPJMWBJTXjWnowgADYKcLjvUzeh9VzOrZ8Rg7s/Kh3xkvuE7OJeuPLQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 379fb9a58ff1cbf6410bf37e60b0b130
cross-origin-opener-policy: same-origin-allow-popups
etag: "c387e6192b69686ed7e3a8890ef8bb67"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Nov 2022 22:50:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 55ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36d7be8b1ef11f1e3e829d2af445860ea6af2d9aba38af1a9b7445c8e8c9bd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 22:32:23 GMT

GET
H3

200

furniture.css
assets.creativecirclecdn.com/css/branding/
Redirect Chain

https://www.moneymentorstar.com/css_system/branding/furniture.css
https://assets.creativecirclecdn.com/css/branding/furniture.css

5 KB
2 KB

309ms
308ms

Stylesheet
text/css

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/css/branding/furniture.css
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8a3904796e3ff13e1e5902d715a56f8aa334b0d213bf6134af76ce7cb4cf12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Sep 2022 15:51:30 GMT
server: cloudflare
etag: W/"188a-5e7b3b42174d1-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG0KosnL72Xpy%2FEQ8FQl8cPyhNgqb2rjB6%2BU0CIIj9qB1gZd5KPM%2F4bSlW3CGL6BSmv4hJWZyolyiusKPLkP84Z6j4z8shKRJ3kjMTXZhe9mgokAqlHtXeAjWdRZLUjNeYOwY7rqQ8RD90LcRHR4rrAseDgw3cAjqG15"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce298b469048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:40:18 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://assets.creativecirclecdn.com/css/branding/furniture.css
Connection: keep-alive
Content-Length: 247
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H3

200

moneymentorstar.png
static.creativecirclecdn.com/usadnmoney/images/nameplates/
Redirect Chain

https://www.moneymentorstar.com/images/nameplates/moneymentorstar.png
https://static.creativecirclecdn.com/usadnmoney/images/nameplates/moneymentorstar.png

8 KB
8 KB

298ms
297ms

Image
image/png

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.creativecirclecdn.com/usadnmoney/images/nameplates/moneymentorstar.png
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5853930f879e360809868381e2e5ba7f5645c0c401669cef91edf4dfb18c3200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7787
last-modified: Fri, 07 Oct 2022 15:30:23 GMT
server: cloudflare
etag: "1e6b-5ea737d08786b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3F02Pd6KBvbE6p1%2FogQvlrYh8Cu45Qv6v5msRZO%2Fq5yQkrPR%2BdRlBuTyyiKiEhEtrJAGWbqLaxB7o5kYNXRcxg%2FJaF0a95YwlPsffcz4Sfi2HgYO4COChOCUFOBcLqKX%2B1oE%2FAvVjkTr1jAs8fFhRlou9tfqYHBS0Yl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7650ce2bae819048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:34:23 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://static.creativecirclecdn.com/usadnmoney/images/nameplates/moneymentorstar.png
Connection: keep-alive
Content-Length: 358
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H3

200

cqLazyImages.js Show response
assets.creativecirclecdn.com/js/misc/
Redirect Chain

https://www.moneymentorstar.com/js_system/misc/cqLazyImages.js
https://assets.creativecirclecdn.com/js/misc/cqLazyImages.js

552 B
935 B

286ms
285ms

Script
application/javascript

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/js/misc/cqLazyImages.js
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83664764ca0c851e83f5b01dd7a8e70cdadf714634f1aa8464508edc76a81484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Dec 2021 17:54:08 GMT
server: cloudflare
etag: W/"2a0-5d35b39cf8932-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7sA9XltzlQbgu1R%2FU9TKNwKRpIz9BXCwrHgxBNCa7iWpJnZxwkdbO7LIrkKyoBx80xFILp0mJkkaN85EGUB1vUII4JFhWg2hhr4irIdWsZqVF3lk%2FsIjoFhN5QVdsEP%2FbVvuquvkz%2FwhitF0fCP20Uod4fky7aYqIYG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce2bae7d9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:40:24 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://assets.creativecirclecdn.com/js/misc/cqLazyImages.js
Connection: keep-alive
Content-Length: 333
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H3

200

pancakes.js Show response
assets.creativecirclecdn.com/js/
Redirect Chain

https://www.moneymentorstar.com/js_system/pancakes.js?cb=1667601141
https://assets.creativecirclecdn.com/js/pancakes.js?cb=1667601141

4 KB
2 KB

305ms
303ms

Script
application/javascript

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/js/pancakes.js?cb=1667601141
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46333a45de3ed68fc707e17743380720c6aa77c1c08aa9bd2f2234a41b47e886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 17:54:08 GMT
server: cloudflare
etag: W/"fe5-5d35b39cf8932-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHAfE5A1vTn98imRLDzh0HEUd98wDBWcbrWLodx%2Ffi2wQ11vY2wyZT%2Fc62hbZLjvK4ICxmgpbLCnJrwwq1elEI3JS5YkaVYzGKwMc610AvztneR1GyqczMxA%2F74GlH6oS3a%2BuZK0UxHQ4ad%2FuubMqaoEWCGsDHzuyC05"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce2bae7e9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Sat, 05 Nov 2022 00:02:23 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://assets.creativecirclecdn.com/js/pancakes.js?cb=1667601141
Connection: keep-alive
Content-Length: 338
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H3

200

pancakes.css
assets.creativecirclecdn.com/css/
Redirect Chain

https://www.moneymentorstar.com/css_system/pancakes.css
https://assets.creativecirclecdn.com/css/pancakes.css

38 KB
6 KB

298ms
296ms

Stylesheet
text/css

2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/css/pancakes.css
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e0fb99c7996b2bc9baab348bf269c39e97142192a5a4f0d398925a55b3c00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 20:58:40 GMT
server: cloudflare
etag: W/"c797-5ea781313862b-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZcUQQq28JJhJ%2FfED91jpwSq6a%2F5cHL5XzenjMvEBAjFE3OQ29ym%2F0HahvbL15osMKcnvYRTc8aHe6OTifq3t2nT%2F%2BK%2FBbpkJmnuxqXWNnH1tEdN8FRmGPAUSIrz00kNME6MoDww%2FYuaFFGZz6%2FpGODLzmEDB5em8CYP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce2bae809048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:40:22 GMT

Redirect headers

Date: Fri, 04 Nov 2022 22:32:23 GMT
Via: Communityq/3.0
Age: 0
Content-Type: text/html; charset=iso-8859-1
Location: https://assets.creativecirclecdn.com/css/pancakes.css
Connection: keep-alive
Content-Length: 237
Expires: Sat, 05 Nov 2022 00:02:23 GMT

GET
H2 200 AAAASFRebrandC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/ 2 MB
2 MB 673ms
582ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/AAAASFRebrandC.jpg?itok=1N69-mR7

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb5d2bcc954cd9ddf8ff9a29a3ca67517a1a09866407aef9c577225b441a753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1629794
last-modified: Wed, 21 Sep 2022 01:28:01 GMT
server: cloudflare
etag: "632a68a1-18de62"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byKXjaGhI%2FRYAtuj%2FUvpsUE8yOUjpP%2F%2BweBUPaVllB%2BYPjTJmzpg%2B%2FMxniY4%2BaKzTNJgCw2ejlqJpExjFzQiSlxW6%2B2%2FgGQWkh95Qq4KVvf1zC6qIBAwPMfRjvW9PivolvZBJBSvz7ZL%2F1DLD6BO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fb39064-FRA

GET
H2 200 CFPOctober26C.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 175 KB
176 KB 671ms
581ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/CFPOctober26C.jpg?itok=FzJyP0DU

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89d12134fa125273f09323ac2ab450f07e339b21da25e7fcf44506a8481dca56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 179475
last-modified: Thu, 27 Oct 2022 11:15:48 GMT
server: cloudflare
etag: "635a6864-2bd13"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biojTz65KQHuo71GqY8XE1dkrEdXPVjyQsWCSTXNa46sLidbTn8nl5safPqS4zfw21Xpox1sO2lKT8naoFXPIyihcZ2euwqdH%2BQBsJsBkM5GDXP7Hlh4Tww%2BghrjDydZ20%2Bh5pwzIJ1W%2Bor6RPxG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fb69064-FRA

GET
H2 200 CFPOctober13C.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 202 KB
203 KB 681ms
591ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/CFPOctober13C.jpg?itok=aRGWjghm

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6786619f1116d06fa918cb3d30c6f8041dec1bd595487660d9f4fea4bd580201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207061
last-modified: Fri, 14 Oct 2022 17:20:52 GMT
server: cloudflare
etag: "63499a74-328d5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PHTNj4Fqr2SRQJdDlU7GKwNTup6D7CcIEe2PthTgKk1XcempKWQHwe4ksVmp780V1xH0n8u4VdXNVg%2FzqK3yfpHTS5KJaxtOfr4NUkGfCiz8MdFC50Ra3uKw3aZjV6SJ2JWeydOoXnHb19vUwPE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fb79064-FRA

GET
H2 200 CFPSeptember28C_2.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/ 339 KB
340 KB 658ms
603ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/CFPSeptember28C_2.jpg?itok=s9SPih9_

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23d40aceb51c61b6c325bdd6257d174502b0fbed88eec9a736353d99d5cb887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347050
last-modified: Thu, 29 Sep 2022 16:20:23 GMT
server: cloudflare
etag: "6335c5c7-54baa"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHfrOOfiaU6cCDX8w3rfHsnfT20VpQ%2Fkx07HhUEuzWd7ZCLRER7ZqIwuA%2FVF57717sLd57%2Bia5mnaLRWI%2BRKihcrE2GXiW%2FCX8iaQ8qR4vIyBUT%2BJL6auVcsIv0cpfXmTfRpDmIdkk8GVLyoAwpB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fb99064-FRA

GET
H2 200 CMETradingChallengeC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/ 332 KB
333 KB 612ms
590ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/CMETradingChallengeC.jpg?itok=nmvFQVIp

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d009b4e60bcbe333c154cd0a34655d7d7e6d63f8bc3eacfc7cd8ef8d9fe560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 339805
last-modified: Fri, 23 Sep 2022 20:13:55 GMT
server: cloudflare
etag: "632e1383-52f5d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9VnLzQGHx9JouYFDY9kcl9pDTAPUwHoicDVTNIFY38drjZQfKLw%2Bz92d5IAXaGHamB%2FUrn7x%2FVV8e%2FochwU7S4clnkWG1HD71i8lnFdeNeeIRQpyTkmYjksjIjomjm1W6%2FijjpBmdBScj09WeFS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fba9064-FRA

GET
H2 200 CFPSeptember15C.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/ 42 KB
43 KB 625ms
604ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-09/CFPSeptember15C.jpg?itok=Q-d1cH0Q

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b9f42c29219846c3fb9b318367db5def564f8a9d45b0818d3c0090197f181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43317
last-modified: Thu, 15 Sep 2022 20:28:54 GMT
server: cloudflare
etag: "63238b06-a935"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjnJZutE8tOu%2BLtLANgkLGubvI9C3LhPnuszqfFJlm%2BmsLrdW%2BzD4UmMETf04dmfOlOPa0bg2FbMs9ehnhGhoomrT7pFro%2BWzAxMmQh7W3rV2d%2FbFiIKfKO1aJWJiZzDQMqK36Q3oKJhTxGd9fVx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2b2fbb9064-FRA

GET
H2 200 20221104-180228-news-twitter-other-tech-companies-with-layoffs.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 134 KB
134 KB 566ms
552ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180228-news-twitter-other-tech-companies-with-layoffs.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680fe16895935cd493444acac9b6c3c6af9751e73d4d17510c352afa672392aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136773
last-modified: Fri, 04 Nov 2022 22:02:31 GMT
server: cloudflare
etag: "21645-5ecac3afc7fd2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syTOTBrpbyg5SZDtBwpsBHk4NVCPVq0UxJYiG1tvyu5b0TLNzd1pnDXs3HPpf6qj4KThkFKlTin8A%2FKu7Q326J%2Bc61GoO8OKW1Hz5MkaAtJ6tdWaCwJ2mo5j1u8pwISIF1wqI97ZslWVwgdhi1Pr4x3Q82AMeJmDzw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 441733633
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2c8f40913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 20221104-180236-best-identity-theft-protection-services-2022.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 102 KB
103 KB 579ms
565ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180236-best-identity-theft-protection-services-2022.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e090cef3c96ea12a1bc9ccd6b8778caadddb4a54b8db08da51fe1a2988eee4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104806
last-modified: Fri, 04 Nov 2022 22:02:38 GMT
server: cloudflare
etag: "19966-5ecac3b5cb140"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFELk%2B%2BszNuTZ8x3sVBTmmYw0yq1by0s7Ayli0MuMlTvzL2zAtcFozjBJVBYOzc8A5sVKKQCPMOZqfCyBK0CQNshYTa1JL1ABE6YSX8oe2YS%2Bhz7hreFsu5v7ADPKrdD0k5OjMkm0uj0l4bXNRSb%2BAOH1Laf3rE2XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 453939621
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2c8f42913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 20221104-180240-news-ways-to-get-free-turkey-thanksgiving.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 122 KB
123 KB 564ms
563ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180240-news-ways-to-get-free-turkey-thanksgiving.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de3f8430d27e20b999df34d9e484841afac72ea4582ea08f749a3a82da3862f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125209
last-modified: Fri, 04 Nov 2022 22:02:42 GMT
server: cloudflare
etag: "1e919-5ecac3b99ba86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAb%2BcOmp3GDLOSXaHPKWsBWETnZkLkv2qQmLSNv%2FVR%2FbtR3iybnOcxwH%2BLIz2TCcfuQ5IFoJg0Cz5x2aUYb4mhQINfoGGfBu8De8cdjkcDap92v8gEpMD1eMTbaOTWt2sQKj%2FOnTvriB3rBZBNgekJTItSA90rve2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 447917023
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2d88c7913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 20221104-180243-news-mid-term-elections-stock-market.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 166 KB
167 KB 554ms
554ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180243-news-mid-term-elections-stock-market.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98aab33b754a5b571199a135d5a2bf2e3130d4e49ecf1609647e8c953fa83b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 170041
last-modified: Fri, 04 Nov 2022 22:02:44 GMT
server: cloudflare
etag: "29839-5ecac3bb86e09"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNikPeGqRv5ClMSfjBe3jxsBr0cuUSjeJ7229fQ48vYXIe53UPsN6yMWF1iOLvoRUEq%2BDVLjANl9jlbSXjSbNHtp%2BQjSaBgF8RJ%2BdrbtIZViSGYGeZo7J9qfmj7E2WNz9uCkAW1v6s2t7hkQYPvHw%2F07QmGnhitsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 450924175
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2d88c9913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 20221104-120222-shopping-review-best-jump-starter.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 99 KB
100 KB 583ms
583ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120222-shopping-review-best-jump-starter.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c11e9b4354eaa8152e04d2cd44bc2ae45bc265a4fb2696e90eaa9601347970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101746
last-modified: Fri, 04 Nov 2022 16:02:23 GMT
server: cloudflare
etag: "18d72-5eca733020d46"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T311dtvQMfE7sgFukUP55W2QA1RaDAUxI35uRMIOmmoVKPuRVfu1tyYcGhf9oCXdXJ8o1ncg0Dg%2BD9bnhlctYhh2q5CioY%2BKxPCihgoW%2FxEtgNaRkmlTJQzIRLjHooS95hrxxCHoHyPt1G3q1%2BDIkyeyEIPZIyi5KA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451808094
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2de96c913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 20221104-180513-la-loche-file-photo-global-news-e1587603865822.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 72 KB
73 KB 543ms
541ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180513-la-loche-file-photo-global-news-e1587603865822.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29e99c39a61a0475e9db8d29f273141c56fed028feac57a76c5dd2168a0f596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74029
last-modified: Fri, 04 Nov 2022 22:05:14 GMT
server: cloudflare
etag: "1212d-5ecac44a95963"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FibnCUqXtQMHqJhv9QvI8gfSBgLpVkkJ1KeqhP8iZeQj7yp8h0WGT6%2FQmcWzvAtclmtr%2BGF3dFy6%2F91lXonEt%2Bwv4Qit%2BO1e35OSW2fR7iBqKfV3SwMwBcgOHaPapUl1aSszFdh4NB8p3c9hPDtwpMzOiHaO2neUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451939218
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce2e29be913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180513-web_cupe_strikes_pic.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 113 KB
113 KB 579ms
576ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180513-web_cupe_strikes_pic.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc0395fd36aaa241f2e0e771c4a59fa932ffffd2820761f064074ac67d3ef1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115214
last-modified: Fri, 04 Nov 2022 22:05:13 GMT
server: cloudflare
etag: "1c20e-5ecac44a08f59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNSuTi%2Buzsht2SIXDj2J0I7ub9KNtA2utb51J49e2eRbOJMK8HZVeluGQ2%2BUOQ%2F4SdeyYV96OAsMZ1WauETpRBsJkW%2FTPaoFFrB1oBKOy4C5HN5yqssn0sgGX13%2BXO4wDUQ%2BNyO5EmI0bHZbqxsm56z8NJFbpzaWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 450071332
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d8c9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180459-6348797ef900fa001814d581..jpg
zeta.creativecirclecdn.com/usadnmoney/inline/ 103 KB
103 KB 554ms
551ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/inline/20221104-180459-6348797ef900fa001814d581..jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514905d43cdadec02385cede2ce942bb6548a23fd009e5a592fc2fea3bf69138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105053
last-modified: Fri, 04 Nov 2022 22:04:59 GMT
server: cloudflare
etag: "19a5d-5ecac43cce2e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TqqDD%2B3%2FgZQoSE3y7mc4UQnLcRYyCVTMpGlBgPNqU1n1lipOoiEf6w0e3BXHbbJ25x%2B3A5rHMsX4K%2BS8TBzYVlZJFF%2FK%2BX%2BmRfOzqpEDKQMDsCwe1mRmpVUjKmn25AcUgBvT5jPhIQo2g4X0uAs%2BqhyWc2YILhUhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 448797424
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d8e9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180500-612e9cc39ef1e50018f90ce9..jpg
zeta.creativecirclecdn.com/usadnmoney/inline/ 78 KB
78 KB 1010ms
1007ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/inline/20221104-180500-612e9cc39ef1e50018f90ce9..jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1b355f350905a87f5b73b5a6938654ad8720e254ce31ac820f375e28cd5f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:25 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79376
last-modified: Fri, 04 Nov 2022 22:05:00 GMT
server: cloudflare
etag: "13610-5ecac43e1267f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ujd2tGttKiMb%2F29zCD81E84XzpSRruUtki95F1UbWjcJBTdi%2FXcFXeG8HCSGJtkZj34wj0uQgp7KdzjZ8YeOWnNiwpEXtMszIdcb60SmtLLXc6vq84Azi5KMrDNvYs%2FxkaBtms%2F0z%2FvSTNUmMfysbudC39W0kGcYzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 442294267
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d909048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180502-6143aa1d2db0850019a9e24e..jpg
zeta.creativecirclecdn.com/usadnmoney/inline/ 92 KB
93 KB 593ms
591ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/inline/20221104-180502-6143aa1d2db0850019a9e24e..jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d3df960a046a826679e6668d9dedc98b6e5b95d4cec9183f5904f3888b9c58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94690
last-modified: Fri, 04 Nov 2022 22:05:02 GMT
server: cloudflare
etag: "171e2-5ecac43fcfb9f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY%2FzsgVivAajZdFDP%2BluBCGmuWRa%2BI2%2FU0Zuq9wmAF%2B%2FR8jxqbQ1k5f%2BeMrsw281gCK%2B1xTO0MFBCkt5bXESCvgw6hF%2FQH63khmJwtMBy5QRxEmDGsH0C9%2Fl8UApXVHKYjD%2B5FZVCZcCRVMVTJfmDUmHnnzK0r6MwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454429770
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d919048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180503-6352dc42ffcac3001876c265..jpg
zeta.creativecirclecdn.com/usadnmoney/inline/ 83 KB
84 KB 583ms
580ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/inline/20221104-180503-6352dc42ffcac3001876c265..jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f17bd73bb7b3ac0a2d67c3f89a10dfae1b66cd6ffe63f8f129218e4c8d0893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85488
last-modified: Fri, 04 Nov 2022 22:05:03 GMT
server: cloudflare
etag: "14df0-5ecac440b826f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3znAtJPAeHYyW9pPw18mN2fZGU8jgWmmXtfooXe%2BsRK3lQuwDxKoEGBJmQMguR2tK3s7qvZKcD%2FVwqf4T6EZZY72VBOX7opXdXCc2srP49%2BWwm79CSp7QZBuqKIjoYQFn0b3%2Fvs8FIsLDiZNSWAzt7oPmnizyDTd0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454002981
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d929048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 CPRDrugPlanC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 365 KB
366 KB 572ms
571ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/CPRDrugPlanC.jpg?itok=77bmThxz

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae2412d77ba338d6702b98f37fd6c98f39d3a5290f7d61dc14dd4c19f72f8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 373719
last-modified: Tue, 11 Oct 2022 12:32:05 GMT
server: cloudflare
etag: "63456245-5b3d7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUm7d%2BlgxVlsKKaxz1EHgO1rfNyly6U4ulo%2FiOXtA6ogk2ZT%2B81%2B3gEFiSaPKjuBug5Mnf70hHZ5QlYU1J%2FSkTRfSWI%2F13UcFrGpXb5mrkPJkeiKvTvOgGzZ7VSopULyhD8LPZ5w07jh1TYP3SPi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b2a9064-FRA

GET
H3 200 20221104-180515-20211220141220-61c0d7dd9e74ec53e7bfd4d8jpeg-1.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 106 KB
107 KB 570ms
567ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180515-20211220141220-61c0d7dd9e74ec53e7bfd4d8jpeg-1.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c85cb3d8ac9521f0a1abc85e6908146b5f78af13f647b720d850024076385f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108786
last-modified: Fri, 04 Nov 2022 22:05:15 GMT
server: cloudflare
etag: "1a8f2-5ecac44bf239c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWqx1uO98Re5GlkU2Vpzq5f96QS9sWYN9NY9A%2BmeBXtx3jNdWuSj8Za4rBPU%2FZLwPCCbejgeARQHg%2B150%2Bs2ahuXKdM93HB5M1sa7ykFcNZL8LWawNP0RayW4x%2F9jfCWqgMT1izVukZ4k7zEQd6igu%2F2IpoFYM9oGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 433541871
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d939048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180336-joe-manchin-ceo-initiative.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 169 KB
170 KB 616ms
613ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180336-joe-manchin-ceo-initiative.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63d682d99081f5901822c05893ead9a9345081cb16146d7e409b04035ff43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 172907
last-modified: Fri, 04 Nov 2022 22:03:36 GMT
server: cloudflare
etag: "2a36b-5ecac3edac040"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCG%2B3VZ7OxBTwQ%2FtzSvXZfcSlzB0qkhdd1yf0W3YvxdRQScNPtI1ibpinTI3E85NX1x4MR3C9nUfjl6i38miCcxc%2FYxg2GHKyvM3V%2BAEq1Jyg54F9uduJCTfFh8c%2FTwcROTYJX6b8u5O9Ss63e7kVMqkc17PMoCtIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454496137
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d949048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180312-840_ahr0chm6ly9zmy5jb2ludgvszwdyyxbolmnvbs91cgxvywrzlziwmjitmtevyte3mmy5zmytnjrinc00n2fjltgynzutmzhiyjk5nmriotmylmpwzw.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 150 KB
151 KB 629ms
626ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180312-840_ahr0chm6ly9zmy5jb2ludgvszwdyyxbolmnvbs91cgxvywrzlziwmjitmtevyte3mmy5zmytnjrinc00n2fjltgynzutmzhiyjk5nmriotmylmpwzw.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc75978c268ec98b02b721b8f24f8a2f901b1f61dcd7ab888f320ca24d8dbe4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 153553
last-modified: Fri, 04 Nov 2022 22:03:12 GMT
server: cloudflare
etag: "257d1-5ecac3d6e0f3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfgugHOjLsT5NcFP%2BtUsYh0fQjJ1aQjCJnt%2Bqentce%2BXnZ5H2dcOE45mUb4IYVKGLOXjQMzHq78mJS3solmWJJwP2CjdwPQFZscwpgnywU4%2FsjBHHkwA89V21t7auXmkgGFwA4%2Bs%2BcrlFDN29spptKafpzVMLL8h4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451288954
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d969048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180504-57f3b1a19bd978e7018b4628..jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 89 KB
90 KB 635ms
632ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180504-57f3b1a19bd978e7018b4628..jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a507bd649799f1d199a08542f6db021101562fe8acc934c5251f2eb56e3efcaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91038
last-modified: Fri, 04 Nov 2022 22:05:04 GMT
server: cloudflare
etag: "1639e-5ecac4418829e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynfhfAAcwhr2fG33Wm%2B5ro%2BaodLASkIMs3iciX7gEQKQduavd%2FUT1WhMpXJF64T0Yliw2dlQz3aebK93nZegx3w5RtwNLcygGXn3TtypoAO4NYP3MtePVEb12%2Bx2z1gU0af8PKZ9VqN3ldcQFy6%2FEh1Qh1h8qNmBMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454590498
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d979048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180516-richmond-rcmp.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 61 KB
61 KB 570ms
567ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180516-richmond-rcmp.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1832fdece000d174c6c5aed0eafcb0fc216b75f01ba249436a13fd175c8e16ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62016
last-modified: Fri, 04 Nov 2022 22:05:16 GMT
server: cloudflare
etag: "f240-5ecac44c95508"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzFWjW2QlyPZlNX%2BPFvt%2Ba4zr%2BbKsSLMF5RvC1aLdnKLlrjc2sUb40tG41GGBPZBBzwMpH%2F0mAgaYjZ2uMOiOJNK1dxPP75iKjGcvVZpqqo14M2NHzQmV1s2F7I3%2Fe5SVE5gc5%2F5bfEzyurGOhXstA%2B8GLcG8GHJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 441861318
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d989048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180516-saskatchewan-blizzard-snow.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 17 KB
18 KB 417ms
414ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180516-saskatchewan-blizzard-snow.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9125a6cbb670aab7baa97dacf2487bbcec183c32c212b6c916d2c4afa28c658b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17309
last-modified: Fri, 04 Nov 2022 22:05:17 GMT
server: cloudflare
etag: "439d-5ecac44d8c63a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWpqIEu%2Fxhq3DgXt12GxyQ%2FoIK23yPjL306mC%2BVNiFetWMHZZJYrTfZPscFMyHCkwztbIDUGvdCY4ajHu%2BoTUQ%2FuQc1CtInMvei7S7rtpbTlNmhxVnSKsiWYn2YDAEbacufP4SU4Hc1Mk42XL%2FgzluDZMYihAC6BWA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451939223
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d9a9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180519-chapel-shemogue.png.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 136 KB
137 KB 667ms
664ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180519-chapel-shemogue.png.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32325c74b460d3fd4bc7187596a925ea0a4b72f14319b1ef4a803b45d9425bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139179
last-modified: Fri, 04 Nov 2022 22:05:19 GMT
server: cloudflare
etag: "21fab-5ecac44f8b23e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXihLZtUfYL0rve%2F74UiY%2FFeK30JJWjgWrbWpPP0EV6MufXElA1nXmKkz2YxQaq3NSiqhnPmARNT3e2QIVgDqnhHbL06P3c3ZmAIubTEH6PPWkLJvxz7e318avwH%2B8GDSxFG%2B%2BiW9KrWG%2BPVLqpu7DYRmYWkxK%2FyLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 452659960
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d9c9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180518-marilyn-north-peigan-e1613350770409.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 71 KB
72 KB 668ms
665ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180518-marilyn-north-peigan-e1613350770409.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83ecbc2f5466b348b7e2ace0bdfd54b07931144dcc1a3c5db68436c658f432a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72618
last-modified: Fri, 04 Nov 2022 22:05:18 GMT
server: cloudflare
etag: "11baa-5ecac44e96fed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToWcNp7IExUeZTvdxai0GivfzMBe5art20fLX6TozvcDHC2xx2EbFrhreobhdcLPkLpMTSUmReslv2YQcYinzMRNF7eu3C0fYB9vNMAgEOsdXO0qF0LvD8YYD5p8554gnoTT9mign1EVnkTuySwbV0ue4%2BEFZRPyjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454361913
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d9d9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180521-peachland-snow-nov-4-2022.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 154 KB
155 KB 681ms
678ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180521-peachland-snow-nov-4-2022.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc0dc5682c60eb80110fe318ddc26ea2236dcfe9865b1426c7dd46d684af4603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 158063
last-modified: Fri, 04 Nov 2022 22:05:22 GMT
server: cloudflare
etag: "2696f-5ecac4528caf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xANB9oFHngd0DMIUnb1RGV4%2F9QWRjGYp2vZ%2BuSod%2FJloxzYJ9xirvOF3OTaJglEbXZ6CGLmBq9iEd18LYFR7NuRVFVwmmGsJv4dkRMGKuTLXZeoCFlFw9GcUmqLhWVKMGTNjue8HBxkhSYNhIsaSWmzboU3xcTFyTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 441733636
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301d9e9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-180523-st-josephs.png.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 78 KB
78 KB 545ms
542ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-180523-st-josephs.png.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44b6bb30be611a98e9b3235325cfd2ee82b5e93ee58ebd1d435fa1142a4686a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79598
last-modified: Fri, 04 Nov 2022 22:05:23 GMT
server: cloudflare
etag: "136ee-5ecac453ef2ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FlYI6IjwcdTZ5hPG7qrMRNcmTVGqLZWISuAD9%2FrycerKsglo3y3m82IMN%2ByQqtOh%2Fz%2FgSpbEQw0KIxD%2FGngNsoDZrOTFhiY9QW2xmcOp0%2B2e%2BAG3p3eTHs166xC48MmTUFD278FnTXiO5fI0mrTX11X9LXT6T8hpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 453939628
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da09048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120549-frontenac-paramedics-2022-gg-awards-2.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 117 KB
117 KB 856ms
853ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120549-frontenac-paramedics-2022-gg-awards-2.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17df15924dab6e844977b6a6b8eac39f2d0ff3f0fe88ace9bbad7599078700fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 119414
last-modified: Fri, 04 Nov 2022 16:05:49 GMT
server: cloudflare
etag: "1d276-5eca73f4ed983"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn4%2F5wnfh2izyxyJ%2Btf%2FEs%2BEc4oBnibI%2B9gQHIFD5aBm32t21rB0xxiPUGUK%2F906rx%2FEOh6II524jQu23S5T3IrQCbq8vJpnYICBNBaUbgq5OrTHvwwCR0MOxQ2thrSCsZLPnXxg1DG8qcNpg%2Fpnhri7iN3jixgmnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 453216700
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da19048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120547-cp165188577-e1667576896304.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 51 KB
51 KB 882ms
878ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120547-cp165188577-e1667576896304.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6f0841e8b0c3e2c09d6dd7e465aa3d124f8a611fd049b4f4fac78cf0f3caf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52017
last-modified: Fri, 04 Nov 2022 16:05:47 GMT
server: cloudflare
etag: "cb31-5eca73f36dcc7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVEz8s8hO4Qu7Y2zXL4UumjKRRIwLmXNvqsfXKcaefpIL4igotH91Mf9QeccffXnrAaICZ%2BeFv3FsxQwl%2Ft2T3ZWDyU4ASxle%2Ba7o9%2FkkBzmF1EG871vvO9dgEYkXhBlVRit%2F%2BEt0JuwA1Bi%2B%2FePKaz8bgtZlavxJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 447162363
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da39048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120550-2022110411118-63652bbe5fd9d3dff419664djpeg.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 99 KB
100 KB 901ms
898ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120550-2022110411118-63652bbe5fd9d3dff419664djpeg.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54872b363f73cdc05451b37ef040024019eaec60d0e30ce642d42de4ef764e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101448
last-modified: Fri, 04 Nov 2022 16:05:50 GMT
server: cloudflare
etag: "18c48-5eca73f5a33d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMF89UlF%2BD11XAWqCFWSTRJYHZjE98Qk1G%2FFmBiaKjXnapw0d%2FZieyS1Z9iR61yNbMUbZYK%2FOKnH4RZdkqpSf8MGF9h%2BsBNX4NhzNQVjMhk87%2BsmUYgH87cmnUylV5pfHLZlL77FupNczBUcyKp4W856%2BvIy0%2Fy1iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451676330
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da49048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120551-cupe-strike.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 157 KB
157 KB 927ms
923ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120551-cupe-strike.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4fae9371b5a430f3c6c262874e9fb3fa1fcd11892dd181b6cfa843c554ac195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 160276
last-modified: Fri, 04 Nov 2022 16:05:51 GMT
server: cloudflare
etag: "27214-5eca73f754d6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oALFMg5wQBliNqvd3AYIyArcTYnooLeYAP4xSBR4jmsXxrGErYNYV2UuL4ZhksZ6VcxWbF0wm0bQw1pT5z9hhqWsPHHNWCuZSAIOW%2BSza4YozxMzeewn8KZpcfYUskiRNck3oJGsNaxQ8IpJHmPdtjrUAl4r1QcnQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 453972632
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da59048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120556-cp25060166.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 100 KB
101 KB 958ms
954ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120556-cp25060166.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd94e9730d602d96da50849615563aea5e6ef83890050d766a67d367255a766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102535
last-modified: Fri, 04 Nov 2022 16:05:58 GMT
server: cloudflare
etag: "19087-5eca73fd2defa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg7KyEPJLuwuhq0iT8B%2F1h01qjzAGuuS7KG5Rmb2T2X7v4SqHHFt93fFOz78SL8tf5u73aMopy0Jq8Ii0yHoG2%2BmVxeoytyb4FhBSgF%2Bhzg3txVkfZFAiEjY6Cr%2FeZ0KPA3JFMGkOXdel02gNEdBbgrQnMxoAH66VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 451808097
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da79048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120558-global-news-morning-saskatoon-october-2022.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 78 KB
78 KB 972ms
969ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120558-global-news-morning-saskatoon-october-2022.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bebcb819e631e6414f8f945660382a94189fd007d2da54326921cefc01f75ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79452
last-modified: Fri, 04 Nov 2022 16:05:58 GMT
server: cloudflare
etag: "1365c-5eca73fde5888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDQMxpFQKuObB%2BlM0%2FXiVadDLSA8q6FNnQfdHbx3PwVZrqIH5MtymYGDIxkvnBzPjs1YeEqQ49PkgenLUr%2BAuTP0y%2BU0AjNgnmHLUpaHtEIUEDydEGpP3DblK9Cb3RsMXVkyKM6WK6Uqbd5v1r01jUMdc6%2BN8IKAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 452694129
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da89048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120559-rcmp-car-3-e1562095276378.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 62 KB
63 KB 1025ms
1021ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120559-rcmp-car-3-e1562095276378.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a785b581f1bd5be3a440406d3f9f10da3834762aaa4ca2e083065a1fba4c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:25 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63581
last-modified: Fri, 04 Nov 2022 16:05:59 GMT
server: cloudflare
etag: "f85d-5eca73fe78052"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICeVIOmtCtMw0e4PJDnATGramSJSTL7MrpKeX7vrKy6s0AJDpQAw2aHrJ9H2WLTlGjZGO%2FsM2WcXwQSqC08luhoJFhLXa7jBaazWiB%2BaI2ZckMmsFuroSGb5rzTTSOvF0bgU9Gb0tZL2Z6GDdR9RCEj7CBmMQQi4Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 449163814
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301da99048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120559-20220623150612-62b4bb9a04e32c56ef24aa5cjpeg.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 64 KB
64 KB 1033ms
1030ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120559-20220623150612-62b4bb9a04e32c56ef24aa5cjpeg.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c93b1e44d501f23972e4a511b45535be4e0ec990c65b7b238a46d060468ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:25 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65343
last-modified: Fri, 04 Nov 2022 16:06:00 GMT
server: cloudflare
etag: "ff3f-5eca73ff1445d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDZEktYPUePsT6%2FJwDfBmBK4q9QnE9h0ocNFHHzEEgZTJvgsxVyCuJE96LVz6mODDso2INCOblbvYahA7gTij0Y59lVGuBQHlBGcGaR%2Fla31S1N0PukoEZABCG0BX7vmR4yAubxvs4Wiut%2BZ2h7bW7ViDy7y8xt9cA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 449351922
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301daa9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120601-haiti-sanctions-together.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 83 KB
84 KB 568ms
564ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120601-haiti-sanctions-together.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3756b2fc63ffdb1e962adce8c9ed963d7c85935f406aabac487e1c83ec027c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85383
last-modified: Fri, 04 Nov 2022 16:06:02 GMT
server: cloudflare
etag: "14d87-5eca740137284"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ed4QwEIjxa8MeLuztI3EO1MCQMLog6SHuuU%2F1yp2mfvwh%2BrMjp%2F6AhEBk%2B1XEw64wVdZQhta%2BsbOlAgMgMjrF8%2B4V9tBQLLF%2FsxO8j4bh%2FeEt3kZys9Dg3GKyl2pP2VdkDp81WUm2r0rFU4rn4Z9oHnAzhTNc%2FwM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 447917026
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301dab9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-120603-gettyimages-1405137378.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 93 KB
93 KB 997ms
993ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-120603-gettyimages-1405137378.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd119ae5961d9942c32f38908145f808b4a779d04c268a9397ca1cd00b112046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94783
last-modified: Fri, 04 Nov 2022 16:06:04 GMT
server: cloudflare
etag: "1723f-5eca740315ae7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPD1y4Sq4PgeRn4Z6SWK4pzhPMbAzRjsuIMbQt9zE2sJanDD01nOiAzaSmV8TWFMQIcSwfYKX%2FNGsWAedAtrG%2Frt41Afyx8DJYt8JS6VI4o49wljNuOcAfyYyglxbu6WQp7S3wcOpskBFqqBH2WRYOnSCwy4iD3kag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 454263914
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301dad9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H3 200 20221104-060357-nhl_triggerheaders_ottawa.png.jpg
zeta.creativecirclecdn.com/usadnmoney/medium/ 65 KB
66 KB 1054ms
1051ms Image
image/jpeg 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zeta.creativecirclecdn.com/usadnmoney/medium/20221104-060357-nhl_triggerheaders_ottawa.png.jpg
Requested by: Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb9bbcf1695906c52514c7952cd612a2a012846a0bb2ee336924cd74e2ce229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66930
last-modified: Fri, 04 Nov 2022 10:03:57 GMT
server: cloudflare
etag: "10572-5eca23129c3ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FzVoeMRO%2Bvxr7dIwWg0HPA4WRddCS3zY5FWvZzdcrUKwflrT4IPnTToT17qkpl6XiavF%2Foc8yWvvUezXVhXDXJ%2FRoqF58nTO9IR%2F12uDzjvJ2i1Miy1CPMwn0XVtY8ake4gVvAyfm0VPavFqY40E75pSMwLLhWZtw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 433831681
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7650ce301dae9048-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization

GET
H2 200 FLAsparaC.png
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/ 4 MB
4 MB 599ms
598ms Image
image/png 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/FLAsparaC.png?itok=7MwZ97oa

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4fd885c7fc21cff398dbc7ba89b0dda8438a10f5a1164030fc0b26f704bbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4336019
last-modified: Tue, 01 Nov 2022 21:41:55 GMT
server: cloudflare
etag: "636192a3-422993"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTN2GiQakryePTAr993RiHlwbx%2BtoxQDsdYGgIWwi%2BhBgAXv1udCcJyB6vAFUXCq9lsbarlXDBTNhZ3XHG1e6rQwFzODlyUKrnXVmpeoODSCWpnnRnqnPj5YyW4McFZhOIFA1WzTmAlC8dgU9%2F47"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b2e9064-FRA

GET
H2 200 TFT75YearsC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/ 1 MB
1 MB 574ms
573ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/TFT75YearsC.jpg?itok=mKkjq1zB

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff2d881a0fae2b89aa98ef96cc3ccb01b2cad587fbce9d02a7859275ebbb4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1501338
last-modified: Tue, 01 Nov 2022 11:52:30 GMT
server: cloudflare
etag: "6361087e-16e89a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpTFZxmFnYirxwIPhLMGlB2eZ9RTOnHmEhVUc2bXQHMPFRlbCqC5ToGt46gJKfK52f%2Fv78LhgeZed2HPLkrxbF84bMGJmNoeZ%2FbsTbPihQO1KDIzYpRzDZI84INTqBWFwmww9aeY1nBBqcNG7aZ2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b319064-FRA

GET
H2 200 HumanaAdvantageC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/ 3 MB
3 MB 571ms
570ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-11/HumanaAdvantageC.jpg?itok=_8mDUNSl

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17ddbac0e7f87c7ef6dc87160220bfbb539a2b9829cf43ca9e0a829d9bfc39c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3404086
last-modified: Tue, 01 Nov 2022 11:46:40 GMT
server: cloudflare
etag: "63610720-33f136"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K73nHytwJQGpcRNEtyS7BaqCduZTHlXMnjUNpHqo10U3ILVSXqHobQTCeK0umKBv8ZbMA%2B%2B0%2FgGKy2%2BhzNRLcNUs6rZkMMGyF9w4taDLrar%2FZtJ4X8VPsPt%2BHEn%2BH86MdPClkWbPbxC4XZT2Mroo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b349064-FRA

GET
H2 200 SPCWindowFilmC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 154 KB
155 KB 569ms
568ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/SPCWindowFilmC.jpg?itok=8CGltHVH

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075c91d7f87b12a781c754870fc9c3b7a82561e36ef1dcd09e3577d72abcd58e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157821
last-modified: Mon, 31 Oct 2022 14:03:48 GMT
server: cloudflare
etag: "635fd5c4-2687d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUOzFNTLCLnynzhPL1WCeQ%2FZKKij3zNvD9%2B3N0kQUvrg9w9eAD3UwyOaJnINTWpF01wwV2cLyqY8zNOMvmtvlw8d4Rmfjr04C%2FwIYVfOTckeYNZ8TJgTZuLSj3uDTnaRjWH%2BXq%2BHJDZ1XyOhYUJk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b379064-FRA

GET
H2 200 MWWIsraelHarvestC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 466 KB
467 KB 590ms
589ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/MWWIsraelHarvestC.jpg?itok=yMxOcoNl

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5160dde2696bc642f9dc14d441105530ba3f288fcd755ca6462a95e270aa33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 477515
last-modified: Thu, 27 Oct 2022 11:07:23 GMT
server: cloudflare
etag: "635a666b-7494b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dscv%2Bn6K1QJtNwm7PYWVL9k4e2IAPZu6eFqac6FGg6MB%2BoYOVdOAnbGB4S%2BVGSiexUNQFQgOurHqJd6bVBSv2UuJb9wABTIiR%2FjPtnrh7kqTD7kjI5j3aBBOceJ4sjK7UU0S9C8PUIFHFsbfqBus"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b389064-FRA

GET
H2 200 CDCChickenPoxC_0.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 295 KB
295 KB 607ms
606ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/CDCChickenPoxC_0.jpg?itok=IaFehCl7

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65611fe7b8e55c117028dd2b5a62ab6d612b51b966995ef250ff08bc52c629a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 301653
last-modified: Fri, 28 Oct 2022 13:52:27 GMT
server: cloudflare
etag: "635bde9b-49a55"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfRd3SK9SfOMYRe2CZZtEdRJjv9IBL1jLFuqxvnGZyfV0ZU2SYFXIJWoTdWmIQLwodteZxBXjJ7TpwDPXMv%2FCmoXXxz6LbI%2Bgk3lRyCzKhncs0pjAvsTUtUGZxtg4zvgf%2BD02ojJHs%2BPGyAc1bRO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b399064-FRA

GET
H2 200 CDCChickenPoxC.jpg
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 295 KB
295 KB 606ms
605ms Image
image/jpeg 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/CDCChickenPoxC.jpg?itok=76HxdrZk

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65611fe7b8e55c117028dd2b5a62ab6d612b51b966995ef250ff08bc52c629a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 301653
last-modified: Fri, 28 Oct 2022 13:49:19 GMT
server: cloudflare
etag: "635bdddf-49a55"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAzDbAIvJLnx2bcfbnadm0%2F%2FGVZbr7VtuJwQcWtrsUgqwsYlJRLfK1EeHIWopZvQlmKl2DPrzXWxnyuaPynVQnktwZW4T%2FEXZze61YKepjonaRwk%2BdjMVAs73lgyhpWAZUvd1qF7VLmU0N9P7hfd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b3b9064-FRA

GET
H2 200 BTOctober27C1.png
feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/ 433 KB
434 KB 591ms
590ms Image
image/png 2606:4700:20::681a:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.newsusa.com/sites/default/files/styles/full_size_rss_feed/public/2022-10/BTOctober27C1.png?itok=ynrxGilh

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e74c37089368229808c1a78130ffbe278256672248c5984180b2fe9e246a08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443197
last-modified: Thu, 27 Oct 2022 11:25:50 GMT
server: cloudflare
etag: "635a6abe-6c33d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3dtWxg%2BUVUZg0d5npt0LqwOuAIQofUoggKgriIgA7%2FZom1Frhnm%2FRtBJQw%2FGQ4efy%2B6ABa8J55L1zmboWNcXoI90P6bsnV7T%2ByMnTtfUb5kFZvpw60XWjtD7mGEiYDmrxZJdjR44p4yuDpZRR8F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7650ce2e2b3d9064-FRA

GET
H3 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 38ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 24497404
cdn-cachedat: 2021-06-08 14:33:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0bb966e82781d72882de2dcad9da5b40
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7650ce2aaa54bb4d-FRA
cdn-requestpullsuccess: True

GET
H2 200 cq_base.css
assets.creativecirclecdn.com/css/ 21 KB
4 KB 17ms
16ms Stylesheet
text/css 2606:4700:3037::6815:357b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.creativecirclecdn.com/css/cq_base.css
Requested by: Host: assets.creativecirclecdn.com
URL: https://assets.creativecirclecdn.com/css/cq_base_beta.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:357b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6f599b667e3cfe406305f12e5a6766fc5a75741f3ec3a504a230c4bc3fcac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.creativecirclecdn.com/css/cq_base_beta.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:22 GMT
via: Communityq/3.0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2732
cf-polished: origSize=28112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 27 May 2022 16:56:45 GMT
server: cloudflare
etag: W/"6dd0-5e001310abb15-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E8WqfyyZr16QOlp0%2BXbGl4eEfZFbnYYtx8LqM7%2BkZq%2BaHGTh%2BB1Ix08%2FVeT%2Bl%2F4UtZZ0GYaWHWBCsgrcnz4zpXFhBdifTcNh%2Fef7%2FSHqZHXyy6WJz%2BhP0X7PYgRfYymPaeSVzU0jCX9Q0ydKN0HKysnqzVMPE%2FxEWBT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7650ce278f11913a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
expires: Fri, 04 Nov 2022 22:39:50 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
86 KB 24ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0e5342958a838e8274fbd8f34f715668

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bd2869416a0492b383c3391a0745074328ea29e8e0cf465c8c5afcb89783727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.moneymentorstar.com/
Origin: https://www.moneymentorstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 22:32:23 GMT
content-md5: MvpI9oHqfkINuxrWdCgBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88354
x-fb-rlafr: 0
x-fb-debug: mxgERXI2bhO4COUa71h47lhT4Qskuoy5PS7QpPdFAE999l1hDhMjMjX69CyWeIPKHUOjOeugg9VQbmbobe1eaA==
x-fb-content-md5: 298d05239718aa56287012e93e087591
cross-origin-opener-policy: same-origin-allow-popups
etag: "3dad9bc3da327cdb6adcd690e2fc8803"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Nov 2023 20:55:05 GMT

GET
H3 200 pubads_impl_2022110101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130882
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 08:35:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 21:50:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 45 B
64 B 31ms
16ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.moneymentorstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1023b29b8987b05ba479104d23a395fb1a925c59f9e200ebc7446746a9fa2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40
x-xss-protection: 0
expires: Fri, 04 Nov 2022 22:32:23 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 47ms
21ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YX9ZNSCVQ5&gtm=2oeb20&_p=1454271064&cid=1239641628.1667601144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667601143&sct=1&seg=0&dl=https%3A%2F%2Fwww.moneymentorstar.com%2F&dt=Home%20-%20Money%20Mentor%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 22:32:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moneymentorstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 39ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168829801-31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d81ab4d1f1476158ab21b3ec945ef1c7c447127f67088e42589f87882867eed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43567
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 21:09:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 22:32:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1782340335416902&ev=fb_page_view&dl=https%3A%2F%2Fwww.moneymentorstar.com%2F&rl=&if=false&ts=1667601143621&sw=1600&sh=1200&at=

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 22:32:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 43ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: assets.creativecirclecdn.com
URL: https://assets.creativecirclecdn.com/css/branding/furniture.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c92f794c2a5cc38bd8cfb0ab055930574bec667902df7aa209fd39df6138f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.creativecirclecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 22:27:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 22:32:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168829801-31&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 21:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4055
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 23:24:49 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 37ms
25ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.moneymentorstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 752
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fecc3fc5ae1c51d6c6285ddeadb88005
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7650ce2c2fec91f3-FRA
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 52ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.moneymentorstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 358909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 18:50:34 GMT

GET
H3 200 glyphicons-halflings-regular.woff
netdna.bootstrapcdn.com/bootstrap/3.1.1/fonts/ 23 KB
23 KB 30ms
30ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/fonts/glyphicons-halflings-regular.woff

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css
Origin: https://www.moneymentorstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
cdn-cachedat: 08/20/2022 03:21:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23320
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "68ed1dac06bf0409c18ae7bc62889170"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 211678a57b1d6da1d76dda8e908ca6a5
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7650ce2db99f91f3-FRA
cdn-requestpullsuccess: True

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneymentorstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneymentorstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
20 KB 134ms
133ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2379018095267291&correlator=24005335891930&eid=31070684%2C31070112%2C44775318&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=22830991390%2CLB_728x90%2CMPU_300x250%2CSKYSCRAPER_120x600%2C160x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2F%2F4%2C%2F0%2F3%2F%2F4%2C%2F0%2F3%2F%2F4%2C%2F0%2F3%2F%2F4%2C%2F0%2F3%2F%2F4%2C%2F0%2F3%2F%2F4&prev_iu_szs=970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600&ifi=1&adks=1799846398%2C1799846399%2C1799846396%2C1799846397%2C1799846394%2C1799846395%2C806761648%2C806761649%2C806761650%2C806761651%2C806761612%2C806761613%2C3741879913%2C3741879912%2C3741879915%2C3741879914%2C3741879909%2C3741879908&sfv=1-0-39&sc=1&cookie_enabled=1&abxe=1&dt=1667601143988&lmt=1667601143&dlt=1667601142775&idt=876&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1030%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C225%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.moneymentorstar.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1239641628.1667601144&ga_sid=1667601144&ga_hid=1454271064&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c641796add9eb203db3073f1133f8b376e16f7a274363e2df7d7c05018e607f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20864
x-xss-protection: 0
google-lineitem-id: 6132917649,-2,-2,-2,-2,-2,6132914817,-2,-2,-2,-2,-2,6134295547,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408083427,-2,-2,-2,-2,-2,138408073815,-2,-2,-2,-2,-2,138407978309,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneymentorstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog/safeframe/1-0-39/html/ Frame 5D21 6 KB
3 KB 69ms
24ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneymentorstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 22:32:24 GMT
expires: Sat, 04 Nov 2023 22:32:24 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEAC 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCm4TZur4-SkKif2PiphvbvaTBWetWkxdVB5hbnbU4ORV-3LL71XT9mLQa_bcFhHxlbIE-AMtNfJOtHBPWx32eTvf0pEU48HztKurz8ZG4-kJH_pS2NgAxP42MBh3PvksETowb4vD1f01qpgCNJqqFVrvpYfQXKP8hM-yD-PwMDorTG_rGk0fhAPLZOuBLKyybLO6GoUZY8dJkCP86R3Y9Y6N585ZJIi6N_W3OjurhSq8_kdMJk0MQlVoU9RHS1jxBBqCXs_WB_n6lkwHYV2sESsQiTrrLamsgh3Up_rIJ2P8yBsY204UTbUgihCXIIif-646HSCuxZNI&sai=AMfl-YQQGrRTFS2OrpYGdOwgBUdaB3sFgrRMF07K9DWl5rzvvkCeE1fgRoCcEsB2ibnUkLAJXh8LauCliZNE5xrUyWQ_mFakmlunxV-eEaGB1_B1u5nxfQzL8oOJVQn9gf_DdhEGqSdFaDgBwvLhd6jGTw&sig=Cg0ArKJSzGbuB5e_IRELEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame FEAC 23 KB
9 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 10:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 10:37:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FEAC 3 KB
1 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 16:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 16:34:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEAC 154 KB
48 KB 72ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
H2 200 16593666465475520178
tpc.googlesyndication.com/simgad/ Frame FEAC 47 KB
47 KB 63ms
26ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16593666465475520178

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3be36ae39cad0330ed845759f9b9abc7fe817b63d7a6e00b990a7584c8212a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:08:20 GMT
x-content-type-options: nosniff
age: 8644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48457
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 17:34:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 20:08:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20EA 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiWIgAnM0sEG-PPU8y6eNVwRAMrRPj4Kb4d-SlAhI3j-Cet4y1CqKp_s4LBkOF5AsZx15WnJ1gWkwS2yQejwQM9bLpV4JS-LKtKGf0Ga9fsjVmqhU_rMnJ_rdrlbWxuDg7B2Yyz5GpZdDXsqeVP9w9qiLqXul7THFodFcJeGsPU7jzzr1yiz8iGhT3uGgftIPSHjZkpFaj_nEkt7fcFSKyJJCN1vBs6fZRwsHaMMDUBC9WGiag0qwbGI-tEUUOZlB-_Nly7DO_FPCuWGq38YupZOLWIsPwQz7zduGjLImxqaZSa-Mw9ir2ltUo0W650hSP4Otihu2SbsmvLA&sai=AMfl-YSnZiuTZc4B6nbp7izhkLOuaZcP6DFHJZiD7663jcw9oxMi8uW4bCu_mK04TVSfbV64TwigVHtFi-3p4ixZSeK2zCo7AxoI3TnYI20E-qDqbMJjERFqbXmq6OmHgc7vEYBi2RU0oHCSa4UPdMaa_g&sig=Cg0ArKJSzGqRCMSpN8l0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.moneymentorstar.com
URL: https://www.moneymentorstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 20EA 23 KB
9 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 10:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 10:37:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 20EA 3 KB
1 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 16:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 16:34:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20EA 154 KB
47 KB 71ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
H2 200 5062236023802803051
tpc.googlesyndication.com/simgad/ Frame 20EA 61 KB
61 KB 44ms
23ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5062236023802803051

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de2d31cd7fedf6ab0e142282f19e2450f8113bfe4daf7ac87b09b8ccaadb1049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:08:20 GMT
x-content-type-options: nosniff
age: 8644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61957
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 17:31:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 20:08:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 36ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1454271064&t=pageview&_s=1&dl=https%3A%2F%2Fwww.moneymentorstar.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Money%20Mentor%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1866118521&gjid=923934192&cid=1239641628.1667601144&tid=UA-168829801-31&_gid=721100931.1667601144&_r=1&gtm=2oub20&z=1306840781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneymentorstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moneymentorstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 20EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 384f1f953e9036e640d45acaf35053fd48a8e8da3a76505a7910200ca0a6460b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20EA 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSWQpHcIPeMqdoqZU0W1USvEsJGzQJkp0GHzLxNwMni_RHpnz5yaMzfiLwLENU8L6OFJnKNmKaKtsI8csJq0ipLjxGKFWbaMOP-DFaE98pEhxjcias5vRJjgPQQ45vmwJnIGWdzJ37sLwfC9t7UgsZCi_nlqM91dqJMCgevtemMLkqCyh3WdCMWHiOkCK5g4orf5mKdvf7TPmYfjMRCTo4QBIwq-cCYM1IwALuijwb1IlKu2euVU6_6A1cy95tyZou0bwpgmraugEcKQdPZq1ZrtJDliRGGIWbxX60TUqUUg0pAQcMuctHobuvwbB9kyPKA3ndkE_7ala0_jSY&sai=AMfl-YSrDg9fkZihbwhXn8f1rQGml-bHOrrkS9TcjnvB-RuXBVxnIaRd_EnLDX6MdnBIx0nMaU9tCkMR3Ckyb8dM2qlZBC3uk987HE-nWGXBc0FyUUp403Hr0nW3gdkpaQQ4Gb5AnZuyET7XERrU4sVoRw&sig=Cg0ArKJSzNjVLXuVAcAGEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
DATA 200
OK truncated
/ Frame FEAC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f514821cbfd6eab30b1cec67221669aacad8f1f0c7cf9322b2a7bc31687d5a77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEAC 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFTiBWsaXYdA9pUFAWQW7Idv2YMfvd6IE5fLGPib9BTGk4pkT25xKTCq5B43ee1jL70qom_zrAbEXllfEbTT9t-EMkU72xuyo0qG05ADmZqCo7UVU0ZW7wgfsZKVXcpHtfmZqPjZX_Qk1PdGLolT-VO1uGwE2Sy9OQ0OVBjOeFqXek_p6z0DhrpQeGawrMgu-jWPv6IEpn4uqO5oRo8Xzfb74Ei_nn3iUCm0MuUnx5TbNeh9BoG1MC7EZmBspuy2nv3ELsK4l4buMEi3QAGtvsWZQ3ASwbZjXq9wrxMR0sNSrjyX8PBdYe_QoKLLT4Wjni_pxnpU03DhjltA&sai=AMfl-YQ8N99bIkY2UnEYro7T9aSzZVWfCnjVe4GmwJzhNkLUd9cdzhrCvG33exxcJlrklo5mB5jPJ3xL8Pi1d5ZPjekksdN8RFURiYsIrsP0MJzinWs-x2hftVn1CMmQc2YC1P-opHQ7UFEujHp8ix512g&sig=Cg0ArKJSzCR2Va6LDmjxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 22:32:24 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20EA 42 B
497 B 77ms
43ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGMi7JzrIGDVFKSKkQpIrm2RJsc9wd69qWBNCmfN8cu6nsup9-6Vou4O1i_TNdnw0ejufhu3H9Ke2q2u10MH0dEekGnK2KvJanTegnMCgkwWOueaDF&sig=Cg0ArKJSzC8u4q8yK1oFEAE&id=lidar2&mcvt=1043&p=225,1030,475,1330&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20221103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=806761648&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667601144210&rpt=221&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 22:32:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 38ms
22ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cbeb2097c1750d584d29c851cfceb8d106f7e648293986825dda9b356263a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11148
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:32:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F11 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneymentorstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 22:23:44 GMT
expires: Sat, 04 Nov 2023 22:23:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF99 783 B
1 KB 43ms
18ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6253248325f81fc81209d181b5c6b07830c962f1d9b701e70d952e6c898d824

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K-5EeOG5YbGbnL1PKs00Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.moneymentorstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-K-5EeOG5YbGbnL1PKs00Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 22:32:27 GMT
expires: Fri, 04 Nov 2022 22:32:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F11 36 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 17:55:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF99 0
0 43ms
41ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110101&jk=2379018095267291&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9F11 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MZpbOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:32:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110101&jk=2379018095267291&bg=!p6SlpODNAAZPh4lnb4c7ACkAdvg8Wka8tYgUopseWErwblQtn58H8L36PZcYIehivj7dqWMFdresgQIAAABzUgAAAAJoAQcKAMQkEe8VZLq3DjKBPx7Dmi-E9hIFQ65Z0CdxFqt4v2GyELzeOA4xdc0heof7LIKqt98t9PEKEDRXZJokikT5p8AUVDT1QXHWS4pduu21R6HDaQcPfuwvvsYew2QfasMvGviplVAEt4zs3IC75h2mQjpc5ioNK5dM2jSY-Ni8k6zmTQIUeyhPSmbTbIiXWWIJsri6J11Gymh-ukAXwr9Z8xPT9G9QCJ3jo5qbapAFR6mz_ZReGN8VsFhjlxpNV7Vm5XeCKd6zmQKoaFk-bpFoSuU6dpLzoLNMMVkM9B0hXBjda1hO4EFxllSMqRnL85vZFU8TOGijn8-nCrvXkoG1f23M-vN8Upe-JzgsuA2lShw6vLHIZ-nhtAa9uMs0oJtnzxzi0xv0ugT1tRRIDvBrozTus_Vol8845_5SW9tsqPwH1gd5M_Kn0W8PwgOxeUzkHZLZ5vpeCglVpM3f3XFiDZg_hUigZW1pmHsPklXKH1oBUpYERrsrQIV0LZQZxVvMyZuLATrWboA_-OriXJyFbyqVoFWoBPgBAlhodtjC7HrnitXN79eIAq3iVAf4io33cCwiz8DwJNDzEcOCpTldnXAzmDxNfHcPZw-VOIjVV_smYlf4TZpXgyPEqh69-yaUKl3IZftaq7Sdr2lsHE3UbYdH_cwQWobm5pbGFlUjy65DK1bznZ3coUFGLTWAHcJRYvnzpofTq-uFFgXR8UAA5nHbPOuoIEr1SECM2AjrI-dqe4vhc43Gq-JaqTjB2ymVn06CtLv73KmSI3kob9CUQXy0wTrFzGJ0oUvEqbkFh4ZbMGB30a-HhZm4PSHnu2P1yJbvSAJaoJy1thvx4LzmqvMcNuQ3FIctz3pFDYoPOy0aXuV3PPis1qzyye5BokJI5NQCcyPYJ_YZZC_D-OfDEv9rWs2EHlU-YBfYbIa6lDFJ0HZ8P4sGxI2-XYShz3Cha8s4T_NH3QDC_D5_n7kQwAgDsy_lL9btQzO8p2UcJuduzPonh578PF36BWmGS5O1RHSOi24NX4nnUS2MFpiu3wcVOIXFQ_FFCqE5v-G9mosQBfbVJtraYoxkG6A4_Qgn1NdUJoM-T0iOarSfVr4kJJIf_j73nJ_ek52VlYXc0xgXndzbEQMlX6wbf2D98DcuOvAGl6s3m-y0-Rh28XrpSa8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YX9ZNSCVQ5&gtm=2oeb20&_p=1454271064&cid=1239641628.1667601144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667601143&sct=1&seg=0&dl=https%3A%2F%2Fwww.moneymentorstar.com%2F&dt=Home%20-%20Money%20Mentor%20Star&en=scroll&epn.percent_scrolled=90&_et=52
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.moneymentorstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 22:32:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moneymentorstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moneymentorstar.com/	1970-01-20 16:49:21	Name: _ga_YX9ZNSCVQ5 Value: GS1.1.1667601143.1.0.1667601143.0.0.0
.moneymentorstar.com/	1970-01-20 16:34:57	Name: __gads Value: ID=03ae293b4796db41:T=1667601144:S=ALNI_MZ6bM0l1_Sk5z2nYoujDmB_J9YY1w
.moneymentorstar.com/	1970-01-20 16:34:57	Name: __gpi Value: UID=00000b7cac18ee76:T=1667601144:RT=1667601144:S=ALNI_MZW33MPTJdQNIWbLYlVlE82I45sSA
.moneymentorstar.com/	1970-01-20 16:49:21	Name: _ga Value: GA1.2.1239641628.1667601144
.moneymentorstar.com/	1970-01-20 07:14:47	Name: _gid Value: GA1.2.721100931.1667601144
.moneymentorstar.com/	1970-01-20 07:13:21	Name: _gat_gtag_UA_168829801_31 Value: 1
.doubleclick.net/	1970-01-20 16:49:21	Name: IDE Value: AHWqTUlug_FwhytFOGiDg0mzUMT0J7ZIzLS4o6442nbyw1QLBs4jE7SvRT8Dt-xITEQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.creativecirclecdn.com/usadnmoney/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26d1acb2a3509ec2fea4ee0455b827d6.safeframe.usercontent.goog
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.creativecirclecdn.com
connect.facebook.net
feeds.newsusa.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.creativecirclecdn.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.moneymentorstar.com
zeta.creativecirclecdn.com
2606:4700:20::681a:6f8
2606:4700:3037::6815:357b
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
65.61.154.4
075c91d7f87b12a781c754870fc9c3b7a82561e36ef1dcd09e3577d72abcd58e
0e6f0841e8b0c3e2c09d6dd7e465aa3d124f8a611fd049b4f4fac78cf0f3caf8
17ddbac0e7f87c7ef6dc87160220bfbb539a2b9829cf43ca9e0a829d9bfc39c8
17df15924dab6e844977b6a6b8eac39f2d0ff3f0fe88ace9bbad7599078700fb
1832fdece000d174c6c5aed0eafcb0fc216b75f01ba249436a13fd175c8e16ff
18df4e7d686b64fdac3070501aa687c300826b5893ac08ee7b28d81dee06abc7
24e0fb99c7996b2bc9baab348bf269c39e97142192a5a4f0d398925a55b3c00c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6f599b667e3cfe406305f12e5a6766fc5a75741f3ec3a504a230c4bc3fcac9
2e1b355f350905a87f5b73b5a6938654ad8720e254ce31ac820f375e28cd5f6f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32325c74b460d3fd4bc7187596a925ea0a4b72f14319b1ef4a803b45d9425bfe
36371c90f60bd0f5d32e14ea32df74c0c7efdaf46726b4a4bc2bd39d83bea360
36d7be8b1ef11f1e3e829d2af445860ea6af2d9aba38af1a9b7445c8e8c9bd30
3756b2fc63ffdb1e962adce8c9ed963d7c85935f406aabac487e1c83ec027c0a
384f1f953e9036e640d45acaf35053fd48a8e8da3a76505a7910200ca0a6460b
39f747b9be76f0bfabea1d4db021ab5faa85174441339b96d9ae6d47a794a5b1
3bd2869416a0492b383c3391a0745074328ea29e8e0cf465c8c5afcb89783727
3c92f794c2a5cc38bd8cfb0ab055930574bec667902df7aa209fd39df6138f50
46333a45de3ed68fc707e17743380720c6aa77c1c08aa9bd2f2234a41b47e886
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d3df960a046a826679e6668d9dedc98b6e5b95d4cec9183f5904f3888b9c58d
514905d43cdadec02385cede2ce942bb6548a23fd009e5a592fc2fea3bf69138
54872b363f73cdc05451b37ef040024019eaec60d0e30ce642d42de4ef764e92
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f17bd73bb7b3ac0a2d67c3f89a10dfae1b66cd6ffe63f8f129218e4c8d0893
5853930f879e360809868381e2e5ba7f5645c0c401669cef91edf4dfb18c3200
5e74c37089368229808c1a78130ffbe278256672248c5984180b2fe9e246a08a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65611fe7b8e55c117028dd2b5a62ab6d612b51b966995ef250ff08bc52c629a3
6786619f1116d06fa918cb3d30c6f8041dec1bd595487660d9f4fea4bd580201
680fe16895935cd493444acac9b6c3c6af9751e73d4d17510c352afa672392aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75c93b1e44d501f23972e4a511b45535be4e0ec990c65b7b238a46d060468ca2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd94e9730d602d96da50849615563aea5e6ef83890050d766a67d367255a766
7e8a3904796e3ff13e1e5902d715a56f8aa334b0d213bf6134af76ce7cb4cf12
83664764ca0c851e83f5b01dd7a8e70cdadf714634f1aa8464508edc76a81484
83ecbc2f5466b348b7e2ace0bdfd54b07931144dcc1a3c5db68436c658f432a5
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89d12134fa125273f09323ac2ab450f07e339b21da25e7fcf44506a8481dca56
8cbeb2097c1750d584d29c851cfceb8d106f7e648293986825dda9b356263a98
8eb9bbcf1695906c52514c7952cd612a2a012846a0bb2ee336924cd74e2ce229
9125a6cbb670aab7baa97dacf2487bbcec183c32c212b6c916d2c4afa28c658b
98aab33b754a5b571199a135d5a2bf2e3130d4e49ecf1609647e8c953fa83b64
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9c63d682d99081f5901822c05893ead9a9345081cb16146d7e409b04035ff43a
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9d009b4e60bcbe333c154cd0a34655d7d7e6d63f8bc3eacfc7cd8ef8d9fe560a
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50456c7841de9ff5b81bcce9e514886435af3707ea92c10eeb9bceec5f33cdb
a507bd649799f1d199a08542f6db021101562fe8acc934c5251f2eb56e3efcaa
a9c11e9b4354eaa8152e04d2cd44bc2ae45bc265a4fb2696e90eaa9601347970
aff2d881a0fae2b89aa98ef96cc3ccb01b2cad587fbce9d02a7859275ebbb4b6
b1023b29b8987b05ba479104d23a395fb1a925c59f9e200ebc7446746a9fa2c5
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b29e99c39a61a0475e9db8d29f273141c56fed028feac57a76c5dd2168a0f596
b3be36ae39cad0330ed845759f9b9abc7fe817b63d7a6e00b990a7584c8212a2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4fae9371b5a430f3c6c262874e9fb3fa1fcd11892dd181b6cfa843c554ac195
bc0dc5682c60eb80110fe318ddc26ea2236dcfe9865b1426c7dd46d684af4603
be4fd885c7fc21cff398dbc7ba89b0dda8438a10f5a1164030fc0b26f704bbb8
bebcb819e631e6414f8f945660382a94189fd007d2da54326921cefc01f75ee0
c641796add9eb203db3073f1133f8b376e16f7a274363e2df7d7c05018e607f4
c7b9f42c29219846c3fb9b318367db5def564f8a9d45b0818d3c0090197f181f
c85cb3d8ac9521f0a1abc85e6908146b5f78af13f647b720d850024076385f83
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
cae2412d77ba338d6702b98f37fd6c98f39d3a5290f7d61dc14dd4c19f72f8f9
cbc0395fd36aaa241f2e0e771c4a59fa932ffffd2820761f064074ac67d3ef1c
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
d5160dde2696bc642f9dc14d441105530ba3f288fcd755ca6462a95e270aa33a
d7bf3feae9b9f78ec4cabfd8ac67bacf68a357481d365adb37a3fa6f3f0db223
d81ab4d1f1476158ab21b3ec945ef1c7c447127f67088e42589f87882867eed4
de2d31cd7fedf6ab0e142282f19e2450f8113bfe4daf7ac87b09b8ccaadb1049
de3f8430d27e20b999df34d9e484841afac72ea4582ea08f749a3a82da3862f4
deb5d2bcc954cd9ddf8ff9a29a3ca67517a1a09866407aef9c577225b441a753
e090cef3c96ea12a1bc9ccd6b8778caadddb4a54b8db08da51fe1a2988eee4d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6253248325f81fc81209d181b5c6b07830c962f1d9b701e70d952e6c898d824
e7a785b581f1bd5be3a440406d3f9f10da3834762aaa4ca2e083065a1fba4c72
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23d40aceb51c61b6c325bdd6257d174502b0fbed88eec9a736353d99d5cb887
f44b6bb30be611a98e9b3235325cfd2ee82b5e93ee58ebd1d435fa1142a4686a
f514821cbfd6eab30b1cec67221669aacad8f1f0c7cf9322b2a7bc31687d5a77
fc75978c268ec98b02b721b8f24f8a2f901b1f61dcd7ab888f320ca24d8dbe4a
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd119ae5961d9942c32f38908145f808b4a779d04c268a9397ca1cd00b112046

www.moneymentorstar.com Open in urlscan Pro 65.61.154.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

92 %HTTPS

95 %IPv6

16 Domains

22 Subdomains

21 IPs

2 Countries

17909 kBTransfer

19296 kBSize

7 Cookies

1 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.moneymentorstar.com Open in urlscan Pro
65.61.154.4 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

92 %
HTTPS

95 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

17909 kB
Transfer

19296 kB
Size

7
Cookies

102 HTTP transactions
2 data transactions