campaign.staging.moneydolly.com Open in urlscan Pro
143.204.98.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://campaign.staging.moneydolly.com/
Submission: On June 03 via automatic, source certstream-suspicious (June 3rd 2024, 4:41:50 pm UTC) — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 46 HTTP transactions. The main IP is 143.204.98.3, located in United States and belongs to AMAZON-02, US. The main domain is campaign.staging.moneydolly.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 3rd 2024. Valid for: a year.

This is the only time campaign.staging.moneydolly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.116 18.66.102.116	16509 (AMAZON-02) (AMAZON-02)
4	100.24.217.50 100.24.217.50	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.79 18.66.102.79	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.74 13.224.189.74	16509 (AMAZON-02) (AMAZON-02)
2	18.245.46.10 18.245.46.10	16509 (AMAZON-02) (AMAZON-02)
1	54.87.164.124 54.87.164.124	14618 (AMAZON-AES) (AMAZON-AES)
46	15

18 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

campaign.staging.moneydolly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-116.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 100.24.217.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-217-50.compute-1.amazonaws.com

us.app.unleash-hosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-79.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-10.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.164.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-164-124.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	moneydolly.com campaign.staging.moneydolly.com	424 KB
5	gstatic.com fonts.gstatic.com	108 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 102	472 KB
4	unleash-hosted.com us.app.unleash-hosted.com — Cisco Umbrella Rank: 46692	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 1867	21 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 6325	291 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 4574 api-iam.intercom.io — Cisco Umbrella Rank: 4702	6 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 2487	148 KB
46	10

	Domain	Requested by
18	campaign.staging.moneydolly.com	campaign.staging.moneydolly.com
5	fonts.gstatic.com	campaign.staging.moneydolly.com
5	www.googletagmanager.com	campaign.staging.moneydolly.com www.googletagmanager.com www.google-analytics.com
4	us.app.unleash-hosted.com	campaign.staging.moneydolly.com
2	js.intercomcdn.com	widget.intercom.io
2	www.facebook.com	campaign.staging.moneydolly.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.stripe.com	campaign.staging.moneydolly.com js.stripe.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	campaign.staging.moneydolly.com
1	region1.google-analytics.com	www.googletagmanager.com
46	12

This site contains no links.

Subject Issuer	Validity	Valid
campaign.staging.moneydolly.com Amazon RSA 2048 M03	`2024-06-03` - `2025-07-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-05-22` - `2024-08-22`	3 months	crt.sh
*.app.unleash-hosted.com Amazon RSA 2048 M03	`2024-03-30` - `2025-04-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://campaign.staging.moneydolly.com/
Frame ID: E51C7883B42927431D78CEA77457BED0
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 26CA5BC46CC9BB50F5569592CD64E114
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.535d6e8b.js
Frame ID: 376EA609C9EA3A831E0F4A52D6468FC7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - MoneyDolly

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

46
Requests

98 %
HTTPS

43 %
IPv6

10
Domains

12
Subdomains

15
IPs

2
Countries

1548 kB
Transfer

4783 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
campaign.staging.moneydolly.com/ 32 KB
3 KB 601ms
495ms Document
text/html 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08667d38f39695f8e493c3a5492956fc525b0fbf08b671e00100e3c1163161d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 03 Jun 2024 16:41:42 GMT
etag: W/"1301c4d3181ac8fddfbae79d082f4d2b"
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: op-4yCCY-cgcr9evpHzy_nXMNlkaFlTjCjilrAWgO4GVzQ5M9qQTdQ==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: CPqtg7xi7YefWtZFUpEvXpO8sm3PMV6.
x-cache: Miss from cloudfront

GET
H2 200 0dd0da71ad080779.css
campaign.staging.moneydolly.com/_next/static/css/ 67 KB
13 KB 514ms
514ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/css/0dd0da71ad080779.css
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a56546d35c6db00d1e01fdef2c643ced9ef9e21b7a55bd169e0c635db8901e4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: hEj.7CGLtIM5mteb0dpD2jMXIVdr3hYl
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"a0d8149de0265d985214437240fedd1a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: GnMYJI-vWMN93bVrHCtcz2iXngphnE-qoG85A2PvpBlk6WS1wiZKNQ==

GET
H2 200 aad6d37496b4c2d7.css
campaign.staging.moneydolly.com/_next/static/css/ 21 KB
3 KB 513ms
512ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/css/aad6d37496b4c2d7.css
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 718e90c8c781e8df62ea19f2a2df264e72d57793dc9c9a945635738fd989af73

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: O23ZrgTlK2W9W4tp97yjVKCREUTQ3gWU
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"cbab8bceddaed44708ce4560418e1305"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: XvwlmeZgfY53n80D_ghC0gT56waKFPNQEAH_gxzWB9R1mB7K6EDbaA==

GET
H2 200 webpack-2b07276cf1147baf.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 4 KB
2 KB 493ms
491ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/webpack-2b07276cf1147baf.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b006c39ab409b5a5ff484f9a9d8810f3bb992e8d8717d9bdf978767f7048d4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: Z2WLrXwjKEWjmTLAugmhMJi2HaB7a7ph
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"9b093d57d9d776214618e39c1cbdcb36"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: co0x5VRb3uQN5-pdlQXAWNyescKnVzHOljRv25EHFlfiDKTxDlt9FQ==

GET
H2 200 framework-63157d71ad419e09.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 138 KB
45 KB 538ms
536ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/framework-63157d71ad419e09.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a67c791841e3e122c4961cbe8bac2ffbf8ccac274d6475ac4bf8597eede4379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: ig4nGrQaVa9IowbN3W1_6owzbzQuPLz8
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"fb527e07c24685aa3fb6938c6c4ca068"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: kM8HDmVYI1p5EUiPf681zxSgISeLjf9ePxJaxckL8l63SI207pRkpw==

GET
H2 200 main-58d583e423bad2b8.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 100 KB
29 KB 523ms
522ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/main-58d583e423bad2b8.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24280a43ba200b22e55fc6ff4b16a7ae4412550210d96053a08f3c080622b4d1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: mQHOpuP5Qpkcqr6TvYXn1FDbX59AvrgZ
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"976173dd83bdaca405b154a379cd26e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: x_DCZMi5D5kKjP4Mb-yKz6R31i9kpMJjsfiDkpBSAJFf3mQNQ7jmUQ==

GET
H2 200 _app-56ece17c29edabb5.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/pages/ 113 KB
37 KB 501ms
499ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/_app-56ece17c29edabb5.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a0b133a8e96ac81c39a335c4f77f4f6d4af6aa1d113181f82c988c1e06edf2c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: DeRZbPXrzhguFas6gljTUxKUc2Tv9Tjh
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"ef32271f1062db15b25ba1ae1dd704a1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: Pn4L8icFPd9RS5ZwQVYjLAcMm6-OZvUV5wdqT3ltK_R_uRwjy8dKQg==

GET
H2 200 ea88be26-b21151d5035ec7c2.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 299 KB
77 KB 540ms
538ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/ea88be26-b21151d5035ec7c2.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c6240b782cea091fb1bea744ce15b13501b5f1750721a892a3c4d74cd5be0db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: avI7WMjQb4OzuoAV5VPjy3fN1mGFFFTW
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"f78ee5c1040e0f9ff9d13b8aaff3c63d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: Ifv2KVWxsalK6MoV6vVAHl3FW9eQMarDQ-dPleLzOGkoqNOGqa-eQg==

GET
H2 200 975-dcfadc4ac368f4a9.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 164 KB
50 KB 517ms
515ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/975-dcfadc4ac368f4a9.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1794e5901f642d09807cd3a25a741da919e0aa6aecbef9e9797d8d1ac27298d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: QFxvXKsBpWhuB4JwACb9vTaZS.Vhm9AT
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"351dfcfcc34d5ad71f2f167465bf4466"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: gJuqZrHqgd15YGSsQQ8QnbzzoC6eVP1rQdT6drbL2OIKVts4zzV_Fg==

GET
H2 200 931-4ec802022bccd0d6.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 106 KB
23 KB 511ms
510ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/931-4ec802022bccd0d6.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7232420202eba128c469bcf0886f06fd235b9d31b577027e34e312d142bd706f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: jSK.XJEGaRsa9Kpff5UUm_mzUl2R8pQ2
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"83d0fce6a426bba9a63b20c6aff4df4e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: 1hD5NTrmkfaEm_c8T1Y8tVOd3JwUrjFwtpFDnuDYcnt5iGxOWS77Tg==

GET
H2 200 index-17896933861e9d16.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/pages/ 1 KB
1013 B 501ms
500ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/index-17896933861e9d16.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe0a12d3e2961b871cfec745c94f1311ab0b350c33bb195ca311aa02d63c3bff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: pG9a.zd5pWISrkfLnuo_Q5VP4JHfL3Gb
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"50932d1f69477f33c991f615c67f2dd4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: Hxwv4Xdp4qqnPm_tsEnLAoI8cthugSPy97C5oWWnJdtmUrAuh9iE8A==

GET
H2 200 _buildManifest.js Show response
campaign.staging.moneydolly.com/_next/static/kKt-uhnfROqs9G9M5mVuW/ 707 B
1 KB 502ms
501ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/kKt-uhnfROqs9G9M5mVuW/_buildManifest.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40ad904a58aa258f55478d61d620aca3bf16cc973107214f9322a10ae509adfa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: cm1CuuBKK3C2P25YonmiXp8cXuxxJm1G
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "7799c3924e616bab7649898e4635612f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 707
x-amz-cf-id: C_8aO__uEkUudva-2Gk45H8XRLrNCc5ldhnA0A0KuAhNGYlbaUvxIA==

GET
H2 200 _ssgManifest.js Show response
campaign.staging.moneydolly.com/_next/static/kKt-uhnfROqs9G9M5mVuW/ 77 B
467 B 498ms
497ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/kKt-uhnfROqs9G9M5mVuW/_ssgManifest.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: ks9FUWNeCzrRMqolzrjGRpl2t8eN1NwY
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 77
x-amz-cf-id: hmC3I9lB0eEglX7lXkadeAn8pYcICNPzyYgSExZGUrhU_Ij1t9X9PQ==

GET
H2 200 v3 Show response
js.stripe.com/ 606 KB
148 KB 153ms
50ms Script
text/javascript 18.66.102.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/975-dcfadc4ac368f4a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-116.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82dd90922f348e8a948008c0bab8396c567366b2f283cf493d205fd5a53f5793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 37
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 31 May 2024 20:47:50 GMT
server: Cloudfront
etag: W/"71bbfd938024c0d609c09d8d2514ad8c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 5RWNB2eDs1ipjk7M30kTdEYZrGLDVXjhKQW2n1sExEhkbVqj6JBbOg==

OPTIONS
H/1.1 204
No Content frontend
us.app.unleash-hosted.com/ushh0008/api/ Frame 0
0 989ms
741ms Preflight 100.24.217.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us.app.unleash-hosted.com/ushh0008/api/frontend?sessionId=344564539&appName=leaderPortal&environment=default
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.24.217.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-217-50.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://campaign.staging.moneydolly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 86400
Date: Mon, 03 Jun 2024 16:41:43 GMT
Vary: Origin, Access-Control-Request-Headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
81 KB 177ms
70ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10958439970

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/main-58d583e423bad2b8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6abe9999728efb5f2f7ac3b47f43e268b34c26897055848eba050475f04c4ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82793
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 16:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 16:41:43 GMT

GET
H2 200 f0f668f8.b58096acf41fcf2a.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/ 266 KB
68 KB 544ms
543ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/f0f668f8.b58096acf41fcf2a.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/webpack-2b07276cf1147baf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 080029b6f1a96a32bc7a70b4ef2fc8f505479dddb8300f3abf433a67a46abf8c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:44 GMT
x-amz-version-id: 5Ux5XTWwRPZ8LkjIEt2CiaDhx_VJYiFn
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"cb0a5b4fe6b6886a9a09a1057aa80572"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: NX16JB1VbqX8e-LakjqKLXMPvur2JjO--vWw_pSmHkahrge5WpGghg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
99 KB 206ms
111ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T87QL38&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55d2b2d3b128f4e17e721c1156d8bfa1c40264353a7e500dbd549f241636f289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101713
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 16:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 16:41:43 GMT

GET
H/1.1 200
OK frontend Show response
us.app.unleash-hosted.com/ushh0008/api/ 2 KB
946 B 119ms
119ms Fetch
application/json 100.24.217.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.app.unleash-hosted.com/ushh0008/api/frontend?sessionId=344564539&appName=leaderPortal&environment=default

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/_app-56ece17c29edabb5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.24.217.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-217-50.compute-1.amazonaws.com

Software

Resource Hash

f4c510590af29a5cc5ed07431aafb6bafe3f77f8aa4aa5540f4ce6b9142b324d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: []:development.c7c32f855e8afcf0783932003c7da84bb5c4513be300fec14da1f8dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json
Referer: https://campaign.staging.moneydolly.com/
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 03 Jun 2024 16:41:44 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Referrer-Policy: no-referrer
Etag: W/"828-Wkh++lK+Cb4HqIzU5Tg15qGRhnM"
X-Download-Options: noopen
Vary: Origin, Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
H2 200 login-109bcf53dfe00d74.js Show response
campaign.staging.moneydolly.com/_next/static/chunks/pages/ 654 B
1 KB 540ms
539ms Script
text/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/login-109bcf53dfe00d74.js
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/main-58d583e423bad2b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d9c825299acfbbb77d823352bbd0e890b6a58d82cfd50a2cf99c8f11a6134df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:44 GMT
x-amz-version-id: npzWgZue4ZuhZC_ISmvl5FcG7WaNiDhv
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "db4b6ffb3b3abc5cba27290d0350b5c1"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 654
x-amz-cf-id: Uw-sv7r3gDxMHnZCjErM4hMMRthqqQ8dlzA8mv8_dPVaTuQ401gEeA==

GET
H2 200 aad6d37496b4c2d7.css Show response
campaign.staging.moneydolly.com/_next/static/css/ 21 KB
0 0ms
0ms Fetch
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/_next/static/css/aad6d37496b4c2d7.css
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/main-58d583e423bad2b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3332442d6ef368fa612ba95ee7bc63d2563d7f54247e5ed70505811896e4c936

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
x-amz-version-id: O23ZrgTlK2W9W4tp97yjVKCREUTQ3gWU
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"cbab8bceddaed44708ce4560418e1305"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: XvwlmeZgfY53n80D_ghC0gT56waKFPNQEAH_gxzWB9R1mB7K6EDbaA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Origin: https://campaign.staging.moneydolly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 20:45:46 GMT
x-content-type-options: nosniff
age: 244557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 20:45:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 260ms
259ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9TCEMLCKZ5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T87QL38&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1110458ff08476a618d0b00ebf2210b23263781813d2d1d66c7f84d27524c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Jun 2024 16:41:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
81 KB 253ms
253ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-414325324&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T87QL38&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca98b4f71a97995bacbe4c60271d14754aa454fa4ec3384fc848444b9c1cce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82728
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 16:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 16:41:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 326ms
41ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T87QL38&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jun 2024 15:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3640
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 03 Jun 2024 17:41:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 322ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T87QL38&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Jun 2024 16:41:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2799, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: T9dWYTRBj6XGldDaLoXlA1B+XN/mrwdY5KizzmuXATmML6UNE5oZdX7p9HFncWqwz3KIYmLBSjeQmK7utYM5hQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Origin: https://campaign.staging.moneydolly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 12:18:20 GMT
x-content-type-options: nosniff
age: 534203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 12:18:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Origin: https://campaign.staging.moneydolly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 17:51:48 GMT
x-content-type-options: nosniff
age: 254995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11160
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 17:51:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Origin: https://campaign.staging.moneydolly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 21:33:56 GMT
x-content-type-options: nosniff
age: 155267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 21:33:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlvAA.woff
fonts.gstatic.com/s/roboto/v30/ 64 KB
64 KB 67ms
66ms Font
font/woff 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAA.woff

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Origin: https://campaign.staging.moneydolly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 14:41:38 GMT
x-content-type-options: nosniff
age: 352805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65556
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 May 2025 14:41:38 GMT

GET
H2 200 moneydolly.3f029fd3.png
campaign.staging.moneydolly.com/_next/static/media/ 55 KB
55 KB 515ms
511ms Image
image/png 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://campaign.staging.moneydolly.com/_next/static/media/moneydolly.3f029fd3.png
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07d1e8b19b0a435adbb3836d81e6b2a74c0d133e4dd5979bd69e9bcdbdd74a62

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:45 GMT
x-amz-version-id: .q2WS_lAnhdZAbNZV3SnbXIzfQvyFzIP
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "525843489f2ab9f94e853c724613032b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 55902
x-amz-cf-id: svXEXK7UslXufFw2_L6KfeMIz3KfZ3AAsOXcXZSqs52oSs1q7_D7Tg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 142ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9TCEMLCKZ5&gtm=45je45t0v884377325z8840746807za200zb840746807&_p=1717432903023&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=313430649.1717432904&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717432903&sct=1&seg=0&dl=https%3A%2F%2Fcampaign.staging.moneydolly.com%2Flogin&dt=Login%20-%20MoneyDolly&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2486
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TCEMLCKZ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 16:41:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://campaign.staging.moneydolly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
232 B 51ms
50ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1721693728&t=pageview&_s=1&dl=https%3A%2F%2Fcampaign.staging.moneydolly.com%2Flogin&ul=de-de&de=UTF-8&dt=Login%20-%20MoneyDolly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1783774161&gjid=239131653&cid=313430649.1717432904&tid=UA-192922999-1&_gid=1853887199.1717432904&_r=1&_slc=1&gtm=45He45t0n81T87QL38v840746807za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1449617686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

48e6aa59dd5c331cee24bda04f21427738bdb53336c07c90f756c7fc6dc34257

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 16:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://campaign.staging.moneydolly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 276135137346869 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 111ms
110ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/276135137346869?v=2.9.156&r=stable&domain=campaign.staging.moneydolly.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c0f2b734e26dee261833fc8d3c8695a81b9ab993d5e1ec07bd7aac98e63ebfe4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Jun 2024 16:41:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=65, mss=1297, tbw=63401, tp=-1, tpl=-1, uplat=70, ullat=0
pragma: public
x-fb-debug: i93c23TMsQK5zsxFl5mtdwFOd4G8PeqOfj5CDrIhZ//FS/SLEAn9RL3ccGKK8xazRNgKEyj1iVPyeCCmD43sow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
106 KB 69ms
68ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9TCEMLCKZ5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

032622a55a9672e08eb3ca51bf3c2a6f3f6a7b26fbffcdcc9027f4ce553694d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Jun 2024 16:41:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 145ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=276135137346869&ev=PageView&dl=https%3A%2F%2Fcampaign.staging.moneydolly.com%2Flogin&rl=&if=false&ts=1717432903985&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1717432903982.1414175852&cs_est=true&ler=empty&cdl=API_unavailable&it=1717432903824&coo=false&tm=1&rqm=GET

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 16:41:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 294ms
191ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=276135137346869&ev=PageView&dl=https%3A%2F%2Fcampaign.staging.moneydolly.com%2Flogin&rl=&if=false&ts=1717432903985&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1717432903982.1414175852&cs_est=true&ler=empty&cdl=API_unavailable&it=1717432903824&coo=false&tm=1&rqm=FGET

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcd36601d598aa2d6","source_keys":["1","2"]},{"key_piece":"0x6b71a2717b6c43b5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 16:41:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=3144, tp=-1, tpl=-1, uplat=148, ullat=0
pragma: no-cache
x-fb-debug: W+pT+uxyplZatScLm3mSdIkhvxLmr0VDvt4lWQ06lWWRuLih7CygzvHOj/ohvfA6rSnLdbs29IVenrAGdKOATA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 26CA 0
0 143ms
39ms Document
text/html 18.66.102.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-79.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://campaign.staging.moneydolly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3489
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Jun 2024 15:43:36 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 30 May 2024 20:04:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-id: NeG3BM77ZEhABiS80EJJ3lCC9Yd6Wisa5KNJZLEIv73X2Q_ys75bmA==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 ouimrxjf Show response
widget.intercom.io/widget/ 7 KB
3 KB 576ms
463ms Script
application/javascript 13.224.189.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/ouimrxjf
Requested by: Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/_app-56ece17c29edabb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 818b15814b8ba5895a1e882ae38a245fa6509ee47d6efff9b185a0d3cf8620ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FbhP3oeQl9B308GrjsB9RMYa56l0YYoN
content-encoding: gzip
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 16:39:41 GMT
x-amz-cf-pop: FRA2-C1
age: 123
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2670
last-modified: Fri, 31 May 2024 11:01:57 GMT
server: AmazonS3
etag: "b3a428ce25dfe6e42afbb44419b37fed"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: H1suSwIPJdDutlP9Bvd8whTroqIaDF59qx-q1fpZ_9WbRH5O15jQEg==

GET
H2 200 frame-modern.535d6e8b.js Show response
js.intercomcdn.com/ Frame 376E 460 KB
138 KB 164ms
46ms Script
application/javascript 18.245.46.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.535d6e8b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ouimrxjf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-10.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bb47f19613d341d00d0f3379cf0f89f3e04462ea0265ae21fba2f1aae55176fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6660Cqdc6azqBi_zf_1_MlpSi5MvW6q2
content-encoding: gzip
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 15:01:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 5987
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 140947
last-modified: Fri, 31 May 2024 10:58:39 GMT
server: AmazonS3
etag: "c2610c2cf1b9cabb0631343d576ea046"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: WMGWwmb7akd3HdGPR9I-VELYsywmJcUPrPWAJ1lIo9QfDO5tUfUmeA==

GET
H2 200 vendor-modern.1a13b382.js Show response
js.intercomcdn.com/ Frame 376E 492 KB
153 KB 319ms
204ms Script
application/javascript 18.245.46.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.1a13b382.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ouimrxjf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-10.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7TzMVquNufeLPqAioEI3AnR_4COuk_VE
content-encoding: gzip
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 15:47:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 3234
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 155543
last-modified: Wed, 29 May 2024 17:03:40 GMT
server: AmazonS3
etag: "82b135e7f918556124285c160cf4be1e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: lefiJ63rpAjW9IWMKdJeYZm8m-pEHO_tyr6c0Q8Sb2HwFHwJUu-7-Q==

POST
H/1.1 200
OK metrics Show response
us.app.unleash-hosted.com/ushh0008/api/frontend/client/ 2 B
675 B 134ms
134ms Fetch
text/plain 100.24.217.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.app.unleash-hosted.com/ushh0008/api/frontend/client/metrics

Requested by

Host: campaign.staging.moneydolly.com
URL: https://campaign.staging.moneydolly.com/_next/static/chunks/pages/_app-56ece17c29edabb5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.24.217.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-217-50.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: []:development.c7c32f855e8afcf0783932003c7da84bb5c4513be300fec14da1f8dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://campaign.staging.moneydolly.com/
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Mon, 03 Jun 2024 16:41:45 GMT
X-Content-Type-Options: nosniff
Ratelimit-Reset: 60
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Ratelimit-Limit: 1000
Content-Length: 2
Referrer-Policy: no-referrer
Ratelimit-Policy: 1000;w=60
Etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
X-Download-Options: noopen
Vary: Origin, Accept-Encoding
X-Frame-Options: DENY
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Ratelimit-Remaining: 999

OPTIONS
H/1.1 204
No Content metrics
us.app.unleash-hosted.com/ushh0008/api/frontend/client/ Frame 0
0 122ms
122ms Preflight 100.24.217.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us.app.unleash-hosted.com/ushh0008/api/frontend/client/metrics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.24.217.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-217-50.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://campaign.staging.moneydolly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 86400
Date: Mon, 03 Jun 2024 16:41:45 GMT
Vary: Origin, Access-Control-Request-Headers

GET
H2 200 favicon.ico
campaign.staging.moneydolly.com/images/ 15 KB
15 KB 501ms
496ms Other
image/vnd.microsoft.icon 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.staging.moneydolly.com/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ae6d695d481cbdc8be7038df4ad106825eee012aabc9aaabe49dd1c34af2f9c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://campaign.staging.moneydolly.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 16:41:46 GMT
x-amz-version-id: HbEu_dS0o1iVFuKImmKb0UZUt3dvdcu9
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 16:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "c5708a75c2c12bb02a3c8c4e6d9b566f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 15406
x-amz-cf-id: 2QOGZx2F3usDmolMo9yUl8zcM70Xj6z-2-TueNgvBqK9NsnLLDltUw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 376E 5 KB
2 KB 746ms
457ms XHR
application/json 54.87.164.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.535d6e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.87.164.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-164-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

afe3b264b31ac05199aaf3505e56fa98b73a25fc63c849d69a20d11bcc11d0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Jun 2024 16:41:46 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09a36a6c62f211f17
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0037ad8pbn4qg8kc0s30
x-runtime: 0.335528
server: nginx
etag: W/"afe3b264b31ac05199aaf3505e56fa98"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://campaign.staging.moneydolly.com
x-intercom-version: 9358e8bb44eae1df5cf632fd571efa94ce1f678e
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9TCEMLCKZ5&gtm=45je45t0v884377325za200zb840746807&_p=1717432903023&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=313430649.1717432904&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1717432903&sct=1&seg=0&dl=https%3A%2F%2Fcampaign.staging.moneydolly.com%2Flogin&dt=Login%20-%20MoneyDolly&en=scroll&epn.percent_scrolled=90&_et=17&tfd=7508

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moneydolly.com/	1970-01-20 23:13:28	Name: _gcl_au Value: 1.1.1360763127.1717432903
.moneydolly.com/	1970-01-21 06:39:52	Name: _ga_9TCEMLCKZ5 Value: GS1.1.1717432903.1.0.1717432903.0.0.0
.moneydolly.com/	1970-01-21 06:39:52	Name: _ga Value: GA1.2.313430649.1717432904
.moneydolly.com/	1970-01-20 21:05:19	Name: _gid Value: GA1.2.1853887199.1717432904
.moneydolly.com/	1970-01-20 21:03:52	Name: _gat_UA-192922999-1 Value: 1
.moneydolly.com/	1970-01-20 23:13:28	Name: _fbp Value: fb.1.1717432903982.1414175852
m.stripe.com/	1970-01-21 06:39:52	Name: m Value: 92302e70-50c6-427d-9689-8e1798ac3e1139835e
.campaign.staging.moneydolly.com/	1970-01-21 05:49:28	Name: __stripe_mid Value: 86b76a2d-8349-4671-89f4-ff737464f76b5ca05d
.campaign.staging.moneydolly.com/	1970-01-20 21:03:54	Name: __stripe_sid Value: 46679441-70c3-4ab9-9bfd-8eb51833d03137edfe
.moneydolly.com/	1970-01-21 03:32:42	Name: intercom-id-ouimrxjf Value: 2655a076-4da5-4527-84b6-af58eeee23a6
.moneydolly.com/	1970-01-20 21:13:57	Name: intercom-session-ouimrxjf Value:
.moneydolly.com/	1970-01-21 03:32:42	Name: intercom-device-id-ouimrxjf Value: a4dc27cb-e43e-4e31-b43b-ba03b03ea5f5

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://campaign.staging.moneydolly.com/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://campaign.staging.moneydolly.com/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://campaign.staging.moneydolly.com/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
campaign.staging.moneydolly.com
connect.facebook.net
fonts.gstatic.com
js.intercomcdn.com
js.stripe.com
region1.google-analytics.com
us.app.unleash-hosted.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
region1.google-analytics.com
100.24.217.50
13.224.189.74
142.250.185.104
143.204.98.3
18.245.46.10
18.66.102.116
18.66.102.79
2001:4860:4802:32::36
2001:4860:4802:38::178
2a00:1450:4001:80f::2008
2a00:1450:4001:82f::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
54.87.164.124
032622a55a9672e08eb3ca51bf3c2a6f3f6a7b26fbffcdcc9027f4ce553694d6
07d1e8b19b0a435adbb3836d81e6b2a74c0d133e4dd5979bd69e9bcdbdd74a62
080029b6f1a96a32bc7a70b4ef2fc8f505479dddb8300f3abf433a67a46abf8c
08667d38f39695f8e493c3a5492956fc525b0fbf08b671e00100e3c1163161d9
0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f
0d9c825299acfbbb77d823352bbd0e890b6a58d82cfd50a2cf99c8f11a6134df
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
24280a43ba200b22e55fc6ff4b16a7ae4412550210d96053a08f3c080622b4d1
3332442d6ef368fa612ba95ee7bc63d2563d7f54247e5ed70505811896e4c936
40ad904a58aa258f55478d61d620aca3bf16cc973107214f9322a10ae509adfa
48e6aa59dd5c331cee24bda04f21427738bdb53336c07c90f756c7fc6dc34257
4a0b133a8e96ac81c39a335c4f77f4f6d4af6aa1d113181f82c988c1e06edf2c
4ae6d695d481cbdc8be7038df4ad106825eee012aabc9aaabe49dd1c34af2f9c
55d2b2d3b128f4e17e721c1156d8bfa1c40264353a7e500dbd549f241636f289
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6abe9999728efb5f2f7ac3b47f43e268b34c26897055848eba050475f04c4ba1
6c6240b782cea091fb1bea744ce15b13501b5f1750721a892a3c4d74cd5be0db
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
718e90c8c781e8df62ea19f2a2df264e72d57793dc9c9a945635738fd989af73
7232420202eba128c469bcf0886f06fd235b9d31b577027e34e312d142bd706f
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
818b15814b8ba5895a1e882ae38a245fa6509ee47d6efff9b185a0d3cf8620ef
82dd90922f348e8a948008c0bab8396c567366b2f283cf493d205fd5a53f5793
8b006c39ab409b5a5ff484f9a9d8810f3bb992e8d8717d9bdf978767f7048d4b
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
9a56546d35c6db00d1e01fdef2c643ced9ef9e21b7a55bd169e0c635db8901e4
9a67c791841e3e122c4961cbe8bac2ffbf8ccac274d6475ac4bf8597eede4379
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afe3b264b31ac05199aaf3505e56fa98b73a25fc63c849d69a20d11bcc11d0af
b1110458ff08476a618d0b00ebf2210b23263781813d2d1d66c7f84d27524c42
b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910
bb47f19613d341d00d0f3379cf0f89f3e04462ea0265ae21fba2f1aae55176fa
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c0f2b734e26dee261833fc8d3c8695a81b9ab993d5e1ec07bd7aac98e63ebfe4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1794e5901f642d09807cd3a25a741da919e0aa6aecbef9e9797d8d1ac27298d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c510590af29a5cc5ed07431aafb6bafe3f77f8aa4aa5540f4ce6b9142b324d
fca98b4f71a97995bacbe4c60271d14754aa454fa4ec3384fc848444b9c1cce8
fe0a12d3e2961b871cfec745c94f1311ab0b350c33bb195ca311aa02d63c3bff

campaign.staging.moneydolly.com Open in urlscan Pro 143.204.98.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

43 %IPv6

10 Domains

12 Subdomains

15 IPs

2 Countries

1548 kBTransfer

4783 kBSize

12 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

campaign.staging.moneydolly.com Open in urlscan Pro
143.204.98.3 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

43 %
IPv6

10
Domains

12
Subdomains

15
IPs

2
Countries

1548 kB
Transfer

4783 kB
Size

12
Cookies

46 HTTP transactions
1 data transactions